Welcome to WebmasterWorld Guest from 3.92.28.84

Forum Moderators: Ocean10000 & phranque

Message Too Old, No Replies

htaccess guru assistance for rewrites

     
5:15 am on Nov 29, 2016 (gmt 0)

Preferred Member

10+ Year Member

joined:May 21, 2004
posts: 385
votes: 5


# BEGIN non-www to www with https
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$ [OR]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://www.example.com/$1 [R=301,L]


Works like a charm. Now say I want to exclude a folder from ONLY the https part... in other words allowing /somefolder/ to be accessed by normal http, but keeping the www redirect. In my mind I am thinking of only two options :

1 - Turn the above into two rewrites... one for the non-www to www and the second to the http to https with an [L] to exclude the folder.

2 - Add a htaccess file in /somefolder/ which 'disables' the https redirect... how that would be done though I don't know.

Doing either of the above sounds kind of messy to me. Am I looking over a single option somehow with my original code? For what it is worth I have always had trouble with htaccess as I use it so infrequently so bare with me on my thought process :)
6:52 am on Nov 29, 2016 (gmt 0)

Administrator

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Aug 10, 2004
posts:11715
votes: 211


add a condition to exclude /somefolder/ and precede this ruleset with a more specific ruleset.
something like:

# BEGIN non-www to www with http: (host canonicalization for /somefolder/ requests)
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$ [OR]
RewriteCond %{HTTPS} on
RewriteRule ^(somefolder/.*) http://www.example.com/$1 [R=301,L]

# BEGIN non-www to www with https: (host canonicalization for all but /somefolder/ requests)
RewriteCond %{REQUEST_URI} !^/somefolder/
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$ [OR]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://www.example.com/$1 [R=301,L]
6:54 am on Nov 29, 2016 (gmt 0)

Administrator from US 

WebmasterWorld Administrator not2easy is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 27, 2006
posts:4352
votes: 298


Specifics can differ from one hosting environment to another, but in general on an Apache server, any htaccess file in a folder will discard root htaccess rewrite instructions. So if your www + https rules above are in the domain root folder (often named "public_html") at http://www.example.com and you add a separate htaccess file in /folder/ at "http://www.example.com/folder/" that only has the www rewrite rule and not the https rule, it should handle the situation without any mess.

I say "should" because not all hosts are using the same configurations, but with most common settings it should work just fine.

BTW - I don't know why you would need this part of the rules:
RewriteCond %{HTTPS} !on

because basically that condition says "if HTTPS is not on" in which case you might not want to rewrite the request to https. Bear in mind I am not the htaccess guru around here and someone may come in to tell me I am reading it wrong. The rules I use on my own sites for HTTPS do not have that line and they work fine.
4:36 pm on Nov 29, 2016 (gmt 0)

Preferred Member

10+ Year Member

joined:May 21, 2004
posts: 385
votes: 5


The whole thing is basically saying "if it isn't starting with www OR it isn't https then rewrite it". So if either of the conditions are met it rewrites. The OR is going to save some testing for https in those cases where the first condition is met.

The only way to leave the 'not https' part out would be to rewrite every single request and if you are doing that then you might as well leave out the 'not www' part as well.

I guess I will test out the two different options today when I have time to do so. So far it seems like my original thinking was correct... I just like to try to stream line things if there is a way to do it.
7:11 pm on Nov 29, 2016 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:15704
votes: 811


Add a htaccess file in /somefolder/ which 'disables' the https redirect... how that would be done though I don't know.

This approach is generally not a good idea where mod_rewrite is involved, thanks to its quirky inheritance behavior. (It's OK and sometimes even necesssary for other modules, such as access-control or indexing rules.) Instead, put ^somefolder in the pattern, if positive, or !^/somefolder in a condition, if negative. Technically you can have a negative pattern, but, but ...

For the excluded directory, do you want to allow both http and https, or do you need it to be http alone?
7:31 pm on Nov 29, 2016 (gmt 0)

Preferred Member

10+ Year Member

joined:May 21, 2004
posts: 385
votes: 5


For the excluded directory, do you want to allow both http and https, or do you need it to be http alone?


In this specific case it would not matter if both http and https were allowed or for that matter if the the non-www to www happens either. The only thing that is important is http is allowed and https is not forced on it. For this use case the folder contains a set of files which interact ONLY with our software so we are the ones who would be pointing to the files (eliminates the need for www forcing) and it would always be the correct http / https version as well.

I think the following will work just fine for me in the case I described :


# BEGIN non-www to www with https: (host canonicalization for all but /somefolder/ requests)
RewriteCond %{REQUEST_URI} !^/somefolder/
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$ [OR]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://www.example.com/$1 [R=301,L]


which would allow both non-www and www version as well as both http and https. Assuming my thinking is correct on this. While I would still like to do things the 'correct' way here because 'we' are the only ones using this folder it is not necessary to force correctness for this folder if that makes sense.