1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 11:40 pm May 1, 2026

Forum Moderators: phranque

Message Too Old, No Replies

Rewrite SEF URL (dynamic) to allow access from both https and http

Rewrite SEF URL (dynamic) to allow https and http

         

CrazyBigGaz

8:54 am on Apr 21, 2011 (gmt 0)

10+ Year Member



Hi,

I have the below SEF (search engine friendly) URL, that I would like members and users to be able to access from both HTTPS and HTTP

I think the problem is, it is a dynamic rule.

Here is the current rule, which doesn't work correctly when using HTTPS 

RewriteRule ^([a-zA-Z0-9_-]+)$ profile.php?username=$1

What the rewrite rule is doing when going to:
https:// www.mydomain.tld/abc
It sends me to
http:// www.mydomain.tld/abc?username=abc

I have tried the below, but it gives me a 404 error 

RewriteEngine On
RewriteCond %{SERVER_PORT}s ^(443(s)|[0-9]+s)$
RewriteCond %{REQUEST_URI} ^profile.php?username=$1 [NC]
RewriteRule ^(.+)$ http%2://%{HTTP_HOST}/([a-zA-Z0-9_-]+) [R,L]


My other .htaccess HTTPS/HTTP code is: 

# HTTPS 301 redirect on login.php and signup.php
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteCond $1 !\.(gif|jpg|png|ico|css|js)$
RewriteRule ^(test.php|login.php|signup.php)$ https://%{HTTP_HOST}/$1 [R=301,L]

# HTTP 301 redirect
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_URI} !^/(test.php|login.php|signup.php|profile.php)$
RewriteCond %{REQUEST_URI} !\.(gif|jpg|png|ico|css|js)$
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]


Regards,
Garry

CrazyBigGaz

9:35 am on Apr 21, 2011 (gmt 0)

10+ Year Member



Just searched the forum and I think I have found the answer
Link to post: [webmasterworld.com...]

Which had 

RewriteCond %{HTTPS} =on
RewriteRule ^(.+)$ - [env=ps:https] [L]
RewriteCond %{HTTPS} !=on
RewriteRule ^(.+)$ - [env=ps:http] [L]

RewriteCond %{THE_REQUEST} ^[A-Z]\ /profile\.php\?username=([^&]+)\ HTTP/
RewriteRule ^profile\.php$ %{ENV:ps}://www.example.com/%1? [R=301,L]
RewriteRule ^([A-Za-z0-9_]+)/?$ profile.php?username=$1 [L]


So I changed it to: 

RewriteCond %{HTTPS} =on
RewriteRule ^(.+)$ - [env=ps:https] [L]
RewriteCond %{HTTPS} !=on
RewriteRule ^(.+)$ - [env=ps:http] [L]

RewriteCond %{THE_REQUEST} ^[A-Za-z0-9_-]\ /profile\.php\?username=([^&]+)\ HTTP/
RewriteRule ^profile\.php$ %{ENV:ps}://www.mydomain.tld/%1? [R=301,L]
RewriteRule ^([A-Za-z0-9_-]+)/?$ profile.php?username=$1 [L]


I changed {THE_REQUEST} bit to add lowercase, numbers and _ -

Looks to be all working

CrazyBigGaz

9:42 am on Apr 21, 2011 (gmt 0)

10+ Year Member



Do I need to add a condition to allow images, CSS etc... to this new rule set?

jdMorgan

6:41 pm on Apr 25, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



You should re-consider the original premise of this thread. It would be a big mistake SEO-wise to allow access to the same content using two different protocol+URL paths. You are essentially creating duplicate content -- setting up each of your pages to have an additional "competitor" in search rankings. Neither duplicate page can then rank as well as it would on its own. Would you spend time and money to help a competitor who duplicated your pages? That's what your current plan does.

The correct approach is to link to the exact and correct protocol+URL required from your own pages, force a 301 redirect to HTTPS if a secure page is requested using HTTP, force a 301 redirect HTTP if a non-secure page is requested using HTTP, and exclude image, CSS stylesheet, and external JavaScript file requests from being redirected in either case (since these files are not "pages").

This requires two rules with RewriteConds for %{HTTPS} or %{SERVER_PORT} testing and filetype exclusions. This code has been posted here many times, usually with a title including "Redirect HTTP to HTTPS" or vice-versa.

A third rule, following the two described above, can be used to force a canonical hostname while preserving the correct protocol. That code has also been posted here before.

Jim

g1smd

6:52 pm on Apr 25, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Your original code contained one syntax error. 

RewriteCond %{REQUEST_URI} ^profile.php?username=$1 [NC]


REQUEST_URI cannot match any parameter data, only the path and filename parts.

In any case, it was still not quite the right approach as Jim explained above.

Also note that every RewriteRule should have the [L] flag, and that the [R] flag generates a 302 redirect by default.

Be careful where you use the [NC] flag, it can create opportunities for Duplicate Content.

CrazyBigGaz

9:04 pm on Apr 25, 2011 (gmt 0)

10+ Year Member



Thanks for the replies.
I have decided to keep the profile side and logged out areas http only. Thanks again.

Regards,
Garry

CrazyBigGaz

10:04 am on Apr 26, 2011 (gmt 0)

10+ Year Member



Ok I am back again
Right I have got: 


RewriteRule ^([a-zA-Z0-9_-]+)$ profile.php?username=$1


Which when going to:
http:// www.mydomain.co/ABC
Works

But if I go to:
https:// www.mydomain.co/ABC
It redirects to: http:// www.mydomain.co/ABC?username=ABC
I am not wanting ?username=ABC when being redirected for HTTPS

I have tried to add ? in places to strip but that didn't work and broke it

I also have in my .htaccess 


# HTTP 301 redirect
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_URI} !^/(test.php|login.php|signup.php)$
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]


Help please

Regards,
Garry

CrazyBigGaz

10:58 am on Apr 26, 2011 (gmt 0)

10+ Year Member



Ok how does this look, it seems to work, just a bit worried about the NC on the last RewriteRule 


RewriteCond %{THE_REQUEST} ^[a-zA-Z0-9_-]+\ /profile\.php\?username=([^&]+)\ HTTP/
RewriteRule ^profile\.php$ http://www.mydomain.co/%1? [R=301,L]
RewriteRule ^([a-z0-9_]+)/?$ profile.php?username=$1 [NC,L]


The idea is http:// www.mydomain.co/ABC is normal URL, but if anyone tries https:// www.mydomain.co/ABC they redirected back to http

g1smd

8:42 pm on Apr 26, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



The 
/?
on the end of the Regex Pattern of the rewrite promotes Duplicate Content. Set up a preceding redirect to redirect from with-slash to without-slash for page URLs to eliminate this problem.

The start of 
THE_REQUEST
will be 
GET
or 
POST
or 
HEAD
, etc, followed by a space then a forward slash. Match this with 
^[A-Z]{3,9}\ /
here.

The 
[NC]
allows aNyCase and so your PHP script should check the casing of any request. If the casing is incorrect it is the PHP script that should issue the HTTP 404 status and then send the HTML page containing the human-readable error message.

CrazyBigGaz

1:15 pm on May 4, 2011 (gmt 0)

10+ Year Member



Hi,

Ok, I have done the following
Changed: ^[a-zA-Z0-9_-]+\ /
To: ^[A-Z]{3,9}\ /
Removed: /? 

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /profile\.php\?username=([^&]+)\ HTTP/
RewriteRule ^profile\.php$ http://dev.datingpatch.com/%1? [R=301,L]
RewriteRule ^([a-zA-Z0-9_]+)$ profile.php?username=$1 [NC,L]


Is this any better?

Regards,
Garry
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 11:40 pm May 1, 2026