Force Ssl/Https Using .Htaccess and Mod_Rewrite

Force SSL/https using .htaccess and mod_rewrite

For Apache, you can use mod_ssl to force SSL with the SSLRequireSSL Directive:

This directive forbids access unless HTTP over SSL (i.e. HTTPS) is enabled for the current connection. This is very handy inside the SSL-enabled virtual host or directories for defending against configuration errors that expose stuff that should be protected. When this directive is present all requests are denied which are not using SSL.

This will not do a redirect to https though. To redirect, try the following with mod_rewrite in your .htaccess file

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

or any of the various approaches given at

  • http://www.askapache.com/htaccess/http-https-rewriterule-redirect.html

You can also solve this from within PHP in case your provider has disabled .htaccess (which is unlikely since you asked for it, but anyway)

if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] !== 'on') {
    if(!headers_sent()) {
        header("Status: 301 Moved Permanently");
        header(sprintf(
            'Location: https://%s%s',
            $_SERVER['HTTP_HOST'],
            $_SERVER['REQUEST_URI']
        ));
        exit();
    }
}

Forcing SSL and WWW using .htaccess

That's a bit simpler.

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\.domain\.com$ [NC]
RewriteRule ^(.*)$ https://www.domain.com/$1 [L,R=301]

Laravel: how to force HTTPS?

You need adding this to your .htaccess file: 

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://YOURWEBSITEDOMAIN/$1 [R,L]

See this:
http://www.inmotionhosting.com/support/website/ssl/how-to-force-https-using-the-htaccess-file

Using 'mod_rewrite' how do I force HTTPS for certain paths and HTTP for all others?

You can put something like this in your :80 vhost:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(panel/|store/payment) https://%{HTTP_HOST}%{REQUEST_URI}

And this in your :443 vhost:

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule !^(panel/|store/payment) http://%{HTTP_HOST}%{REQUEST_URI}

http to https through .htaccess

Try the following:

 RewriteEngine On
 RewriteCond %{HTTPS} !=on
 RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

Also, you can also redirect based on port number, for example:

 RewriteCond %{SERVER_PORT} ^80$
 RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

This will redirect all requests received on port 80 to HTTPS.


Related Topics

How to Convert Xml into Array in PHP

How to Log Errors and Warnings into a File

How to Convert an Image to Base64 Encoding

How to Get a File Name from a Full Path With PHP

Pdo Get the Last Id Inserted

How to Choose an Authentication Library For Codeigniter

How to Remove Multiple Utf-8 Bom Sequences

Extract Urls from Text in PHP

Best Way to Avoid Duplicate Entry into MySQL Database

Fatal Error: Call to a Member Function Fetch_Assoc() on a Non-Object

Resize Image in PHP

Replace Keys in an Array Based on Another Lookup/Mapping Array

Simplest Way to Detect a Mobile Device in PHP

How to Store and Retrieve Images from a MySQL Database Using PHP

How to Sort Files by Date in PHP

New Self Vs. New Static

Comparing String to Integer Gives Strange Results

How to Implement Authorization Using a Telegram API


Leave a reply



Submit