htaccess redirect to https://www

269

I have the following htaccess code:

<IfModule mod_rewrite.c>



RewriteEngine On

RewriteCond !{HTTPS} off

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



</IfModule>

I want my site to be redirected to https://www. with HTTPS, and enforcing the www. subdomain,
but when I access http://www. (without HTTPS), it does not redirect me to https://www with HTTPS.

edited Dec 16 '15 at 16:32

Michael Berkowski

225k34375346

asked Dec 20 '12 at 17:58

bigben

1,3764106

Should be RewriteCond %{HTTPS} =off

– Michael Berkowski
Dec 20 '12 at 18:18

1

If I do that it redirects to h t t p s : / / w w w.w w w.

– bigben
Dec 21 '12 at 21:31

Dear @bigben you have accepted a wrong answer here! you can find out why its wrong in my answer.

– Amir Forsati
Aug 20 '18 at 19:42

add a comment |

269

I have the following htaccess code:

<IfModule mod_rewrite.c>



RewriteEngine On

RewriteCond !{HTTPS} off

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



</IfModule>

I want my site to be redirected to https://www. with HTTPS, and enforcing the www. subdomain,
but when I access http://www. (without HTTPS), it does not redirect me to https://www with HTTPS.

edited Dec 16 '15 at 16:32

Michael Berkowski

225k34375346

asked Dec 20 '12 at 17:58

bigben

1,3764106

Should be RewriteCond %{HTTPS} =off

– Michael Berkowski
Dec 20 '12 at 18:18

1

If I do that it redirects to h t t p s : / / w w w.w w w.

– bigben
Dec 21 '12 at 21:31

Dear @bigben you have accepted a wrong answer here! you can find out why its wrong in my answer.

– Amir Forsati
Aug 20 '18 at 19:42

add a comment |

269

141

I have the following htaccess code:

<IfModule mod_rewrite.c>



RewriteEngine On

RewriteCond !{HTTPS} off

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



</IfModule>

I want my site to be redirected to https://www. with HTTPS, and enforcing the www. subdomain,
but when I access http://www. (without HTTPS), it does not redirect me to https://www with HTTPS.

edited Dec 16 '15 at 16:32

Michael Berkowski

225k34375346

asked Dec 20 '12 at 17:58

bigben

1,3764106

I have the following htaccess code:

<IfModule mod_rewrite.c>



RewriteEngine On

RewriteCond !{HTTPS} off

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



</IfModule>

I want my site to be redirected to https://www. with HTTPS, and enforcing the www. subdomain,
but when I access http://www. (without HTTPS), it does not redirect me to https://www with HTTPS.

apache .htaccess mod-rewrite redirect https

edited Dec 16 '15 at 16:32

Michael Berkowski

225k34375346

asked Dec 20 '12 at 17:58

bigben

1,3764106

edited Dec 16 '15 at 16:32

Michael Berkowski

225k34375346

asked Dec 20 '12 at 17:58

bigben

1,3764106

edited Dec 16 '15 at 16:32

Michael Berkowski

225k34375346

edited Dec 16 '15 at 16:32

Michael Berkowski

225k34375346

edited Dec 16 '15 at 16:32

Michael Berkowski

225k34375346

asked Dec 20 '12 at 17:58

bigben

1,3764106

asked Dec 20 '12 at 17:58

bigben

1,3764106

asked Dec 20 '12 at 17:58

bigben

1,3764106

Should be RewriteCond %{HTTPS} =off

– Michael Berkowski
Dec 20 '12 at 18:18

1

If I do that it redirects to h t t p s : / / w w w.w w w.

– bigben
Dec 21 '12 at 21:31

Dear @bigben you have accepted a wrong answer here! you can find out why its wrong in my answer.

– Amir Forsati
Aug 20 '18 at 19:42

add a comment |

Should be RewriteCond %{HTTPS} =off

– Michael Berkowski
Dec 20 '12 at 18:18

1

If I do that it redirects to h t t p s : / / w w w.w w w.

– bigben
Dec 21 '12 at 21:31

Dear @bigben you have accepted a wrong answer here! you can find out why its wrong in my answer.

– Amir Forsati
Aug 20 '18 at 19:42

Should be RewriteCond %{HTTPS} =off

– Michael Berkowski
Dec 20 '12 at 18:18

If I do that it redirects to h t t p s : / / w w w.w w w.

– bigben
Dec 21 '12 at 21:31

Dear @bigben you have accepted a wrong answer here! you can find out why its wrong in my answer.

– Amir Forsati
Aug 20 '18 at 19:42

add a comment |

13 Answers
13

active

oldest

votes

560

To first force HTTPS, you must check the correct environment variable %{HTTPS} off, but your rule above then prepends the www. Since you have a second rule to enforce www., don't use it in the first rule.

RewriteEngine On

RewriteCond %{HTTPS} off

# First rewrite to HTTPS:

# Don't put www. here. If it is already there it will be included, if not

# the subsequent rule will catch it.

RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Now, rewrite any request to the wrong domain to use www.

# [NC] is a case-insensitive match

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

About proxying

When behind some forms of proxying, whereby the client is connecting via HTTPS to a proxy, load balancer, Passenger application, etc., the %{HTTPS} variable may never be on and cause a rewrite loop. This is because your application is actually receiving plain HTTP traffic even though the client and the proxy/load balancer are using HTTPS. In these cases, check the X-Forwarded-Proto header instead of the %{HTTPS} variable. This answer shows the appropriate process

edited Apr 2 '18 at 20:32

answered Dec 21 '12 at 21:34

Michael Berkowski

225k34375346

12

In some cases your cert might only be good for a single domain (it might work with www, but, not without, for instance). In such cases, redirect to the correct domain first, then redirect to https, otherwise you'll get a cert error message in your browser.

– Nick Benson
Feb 22 '14 at 3:36

16

When I used RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] an URL like exaple.com/?bla=%20 became exaple.com/?bla=%2520, i.e. the percent sign has been encoded. Consider using the flag NE to prevent double encoding: RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]

– Beat
Jan 27 '15 at 9:20

4

this gives me a redirect loop on one server, works on other. i really don't know why

– user151496
Jan 15 '16 at 10:26

4

@user151496 Does the failing server use any kind of HTTP proxying, like passing through a Varnish cache, or into Passenger? If so, you may have to check the X-Forwarded-Proto header to verify HTTPS instead of the %{HTTPS} variable. You didn't say which part causes the loop, the www or the HTTPS part, but that's the first thing that comes to mind for me.

– Michael Berkowski
Jan 15 '16 at 12:38

4

This worked once I added RewriteEngine On to the beginning of the .htaccess file

– David
Apr 9 '16 at 17:01

|
show 21 more comments

135

Michals answer worked for me, albeit with one small modification:

Problem:

when you have a single site security certificate, a browser that tries to access your page without https:// www. (or whichever domain your certificate covers) will display an ugly red warning screen before it even gets to receive the redirect to the safe and correct https page.

Solution

First use the redirect to the www (or whichever domain is covered by your certificate) and only then do the https redirect. This will ensure that your users are not confronted with any error because your browser sees a certificate that doesn't cover the current url.

#First rewrite any request to the wrong domain to use the correct one (here www.)

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



#Now, rewrite to HTTPS:

RewriteCond %{HTTPS} off

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

edited Mar 18 '14 at 10:36

answered Oct 22 '13 at 5:48

Larzan

6,11632937

4

+1 because it is the better option for this scenario, but note that this will not prevent the same problem from happening if the client accesses https://example.com, but in my opinion that is the least likely format to be typed in by a user. (The accepted answer will also have the same problem)

– Joshua Goossen
Mar 9 '16 at 19:45

@Larzan: Thats wrong. The certification exception occours only because you do 2 real redirects. Replace "[L,R=301]" with "[R=301]". Thenthe rules are not aborted. L=LAST

– defim
Apr 12 '16 at 23:01

If you need to handle https:// without www while having a certificate only on the www, simply add this rule to the solution : RewriteCond %{HTTP_HOST} !^www. RewriteCond %{HTTPS} on RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI}[L,R=301] It simply goes back to http when trying to connect to https://example.com to avoid certificate error.

– Eric Burel
Oct 27 '16 at 19:03

The two rules should be reversed anyway (as you have done), in order to prevent a double redirect when requesting http://example.com (ie. HTTP and no www)

– MrWhite
Sep 29 '17 at 15:00

@EricBurel You can't avoid the cert error in this instance - the SSL handshake occurs before your code executes (which is the whole point of SSL in the first place). If your redirect was able to execute before the browsers cert error then it would imply that the request had already been made over an insecure connection - which would be a fundamental failing in the SSL model.

– MrWhite
Sep 29 '17 at 15:03

|
show 1 more comment

If you are using CloudFlare or a similar CDN you will get an infinite loop error with the %{HTTPS} solutions provided here. If you're a CloudFlare user you'll need to use this:

RewriteEngine On

RewriteCond %{HTTP:X-Forwarded-Proto} =http

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

answered Nov 13 '14 at 23:30

Andrew

2,74732840

2

Please note the current advice on the Cloudflare support site is slightly different: support.cloudflare.com/hc/en-us/articles/…

– ColinMcDermott
Dec 22 '14 at 22:34

1

Agree with @h0mayun, the advice Cloudflare gives results in a redirect loop, whereas this code here works perfectly - thank you!

– hobailey
Mar 18 '15 at 23:15

1

I run angularjs on ec2. The solutions using RewriteCond %{HTTPS} !=on give me infinite redirection (not entirely sure why). This solution, with X-Forwarded-Proto, seems to do the trick. Thank you!

– Mark Watkins
Aug 4 '16 at 15:56

3

I modified =http to !=https for our environments. X-Forwarded-Proto header was not declared if http, so !=https did the trick.

– Johnathan Elmore
Sep 15 '16 at 15:48

add a comment |

BAD SOLUTION AND WHY!

Don't ever use the solution above because when you are using their code that is something like:

RewriteCond %{HTTPS} off

RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule .* https://www.example.com%{REQUEST_URI} [L,R=301]

The browser goes to:

http://example.com

Then redirects to:

https://example.com

Then redirects to:

https://www.example.com

This is too much request to the server

BEST SOLUTION AND THE ANSWER

This code has an [OR] condition to prevent dual changes at url!

RewriteEngine on

RewriteCond %{HTTPS} off [OR]

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule (.*) https://www.example.com%{REQUEST_URI} [R=301,L]

Most of the answers even accepted one, don't use this trick.

edited Nov 24 '18 at 6:41

answered Mar 27 '17 at 17:22

Amir Forsati

976822

1

"BAD SOLUTION AND WHY!" - Those rules are just in the wrong order. Reverse those two rules and it will be correct - you'll get just one redirect and not two.

– MrWhite
Sep 23 '17 at 10:18

2

Yes, the code as given results in 2 redirects - I'm not disputing that - all I'm saying is that you simply need to reverse these rules to resolve this problem, no other change is required. (The "accepted" answer is indeed incorrect - which appears to be what you are referring to - the directives are in the wrong order.)

– MrWhite
Sep 24 '17 at 8:59

1

yup @AmirForsati is right. it is redirecting twice and this should be the accepted answer.

– Zakir hussain
Aug 20 '18 at 9:42

4

You can use this if you want to keep the domainname variable: RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} !^www. [NC] RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

– I.devries
Sep 10 '18 at 9:27

add a comment |

This is the best way I found for Proxy and not proxy users

RewriteEngine On



### START WWW & HTTPS



# ensure www.

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



# ensure https

RewriteCond %{HTTP:X-Forwarded-Proto} !https

RewriteCond %{HTTPS} off

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



### END WWW & HTTPS

answered Sep 9 '16 at 16:09

llioor

2,1721725

Correct This is the best way I found for Proxy and not proxy users +1

– Deep 3015
Sep 11 '17 at 12:42

1

This is the best one, as it solves multiple 301 redirects

– Niraj Chauhan
Oct 3 '17 at 14:13

1

best solution ever.

– S M Jobayer Alam
Sep 30 '18 at 8:04

Great answer. This is the only one that worked for me. Works if you are behind Cloudflare (though I have no page rules set up at Cloudflare).

– jasonco
Jan 6 at 6:49

add a comment |

There are a lot of solutions out there. Here is a link to the apache wiki which deals with this issue directly.

http://wiki.apache.org/httpd/RewriteHTTPToHTTPS

RewriteEngine On

# This will enable the Rewrite capabilities



RewriteCond %{HTTPS} !=on

# This checks to make sure the connection is not already HTTPS



RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

# This rule will redirect users from their original location, to the same location but using HTTPS.

# i.e.  http://www.example.com/foo/ to https://www.example.com/foo/

# The leading slash is made optional so that this will work either in httpd.conf

# or .htaccess context

answered May 23 '14 at 7:47

Vynz

75779

6

This does not rewrite the URL to www. but it does rewrite to https://

– Thom
Dec 9 '14 at 18:14

I found by changing the rewrite condition from RewriteCond %{HTTPS} off to RewriteCond %{HTTPS} !=on that redirection would always happen, this seems the better answer to me.

– Samuel Hawksby-Robinson
Sep 26 '16 at 14:27

This solution should be accepted as a correct answer! Worked for me too!

– AndrewShmig
Dec 12 '18 at 0:35

add a comment |

To redirect http:// or https:// to https://www you can use the following rule on all versions of apache :

RewriteEngine on



RewriteCond %{HTTPS} off [OR]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^ https://www.example.com%{REQUEST_URI} [NE,L,R]

Apache 2.4

RewriteEngine on



RewriteCond %{REQUEST_SCHEME} http [OR]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^ https://www.example.com%{REQUEST_URI} [NE,L,R]

Note that The %{REQUEST_SCHEME} variable is available for use since apache 2.4 .

edited Jun 28 '16 at 16:52

answered Apr 27 '16 at 3:40

starkeen

30.5k156079

1

Problem!: If HTTP_HOST already contains www. but scheme is not HTTPS, then you end up with www.www. in your host.

– Jpsy
Jun 28 '16 at 16:46

@Jpsy you are right. I have updated the Redirect destination. Thanks for your input.

– starkeen
Jun 28 '16 at 16:55

1

This is almost what I was looking for but I want to keep the domain generic as in other examples. Is it possible?

– cronoklee
Oct 7 '16 at 9:55

add a comment |

If you are on CloudFlare, make sure you use something like this.

# BEGIN SSL Redirect

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteCond %{HTTP:X-Forwarded-Proto} =http

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

</IfModule>

# END SSL Redirect

This will save you from the redirect loop and will redirect your site to SSL safely.

P.S. It is a good idea to if check the mod_rewrite.c!

answered Jul 10 '16 at 4:52

Ahmad Awais

11k24436

it does not redirect https : // theurlwithoutwww.com to https : // www.

– thesearentthedroids
Jul 21 '16 at 10:58

This is actually only working solution if you have some "add www" directives beforehand. Others solutions gives me "to many redirects".

– Daniel.P.
Jul 3 '17 at 20:30

add a comment |

Set in your .htaccess file

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

RewriteCond %{HTTPS} !=on

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

answered Jul 25 '17 at 14:17

Adam Kozlowski

1,794622

add a comment |

I try first answer and it doesnt work...
This work:

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /



RewriteCond %{ENV:HTTPS} !=on

RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]



# BEGIN WordPress

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /

RewriteRule ^index.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

</IfModule>



# END WordPress

answered Aug 30 '18 at 14:45

Jackssn

48146

add a comment |

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

Notes: Make sure you have done the following steps

sudo a2enmod rewrite

sudo service apache2 restart

Add Following in your vhost file, located at /etc/apache2/sites-available/000-default.conf

<Directory /var/www/html>

  Options Indexes FollowSymLinks MultiViews

  AllowOverride All

  Order allow,deny

  allow from all

  Require all granted

</Directory>

Now your .htaccess will
work and your site will redirect to http:// to https://www

edited Sep 7 '18 at 21:48

answered Sep 7 '18 at 21:41

Kundan roy

1,2532816

add a comment |

RewriteEngine On 

RewriteCond %{SERVER_PORT} 80 

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]

answered Dec 14 '18 at 14:05

Анастасия Ермолик

9113

add a comment |

-2

This will work for both https and www

RewriteCond %{HTTPS} !=on

# This checks to make sure the connection is not already HTTPS

RewriteRule ^/?(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

answered May 20 '15 at 16:14

Nadeem As

375

1

https != on doesn't work on some servers and results in redirect loop

– user151496
Jan 15 '16 at 10:28

The equal sign in !=on is wrong. It should read: RewriteCond %{HTTPS} !on

– Jpsy
Jun 28 '16 at 16:41

or just use off.

– htm01
Jun 15 '17 at 7:36

add a comment |

protected by Community♦ Nov 7 '14 at 13:42

Thank you for your interest in this question.
Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).

Would you like to answer one of these unanswered questions instead?

13 Answers
13

active

oldest

votes

13 Answers
13

active

oldest

votes

560

RewriteEngine On

RewriteCond %{HTTPS} off

# First rewrite to HTTPS:

# Don't put www. here. If it is already there it will be included, if not

# the subsequent rule will catch it.

RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Now, rewrite any request to the wrong domain to use www.

# [NC] is a case-insensitive match

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

About proxying

edited Apr 2 '18 at 20:32

answered Dec 21 '12 at 21:34

Michael Berkowski

225k34375346

12

In some cases your cert might only be good for a single domain (it might work with www, but, not without, for instance). In such cases, redirect to the correct domain first, then redirect to https, otherwise you'll get a cert error message in your browser.

– Nick Benson
Feb 22 '14 at 3:36

16

When I used RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] an URL like exaple.com/?bla=%20 became exaple.com/?bla=%2520, i.e. the percent sign has been encoded. Consider using the flag NE to prevent double encoding: RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]

– Beat
Jan 27 '15 at 9:20

4

this gives me a redirect loop on one server, works on other. i really don't know why

– user151496
Jan 15 '16 at 10:26

4

@user151496 Does the failing server use any kind of HTTP proxying, like passing through a Varnish cache, or into Passenger? If so, you may have to check the X-Forwarded-Proto header to verify HTTPS instead of the %{HTTPS} variable. You didn't say which part causes the loop, the www or the HTTPS part, but that's the first thing that comes to mind for me.

– Michael Berkowski
Jan 15 '16 at 12:38

4

This worked once I added RewriteEngine On to the beginning of the .htaccess file

– David
Apr 9 '16 at 17:01

|
show 21 more comments

560

RewriteEngine On

RewriteCond %{HTTPS} off

# First rewrite to HTTPS:

# Don't put www. here. If it is already there it will be included, if not

# the subsequent rule will catch it.

RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Now, rewrite any request to the wrong domain to use www.

# [NC] is a case-insensitive match

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

About proxying

edited Apr 2 '18 at 20:32

answered Dec 21 '12 at 21:34

Michael Berkowski

225k34375346

12

In some cases your cert might only be good for a single domain (it might work with www, but, not without, for instance). In such cases, redirect to the correct domain first, then redirect to https, otherwise you'll get a cert error message in your browser.

– Nick Benson
Feb 22 '14 at 3:36

16

When I used RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] an URL like exaple.com/?bla=%20 became exaple.com/?bla=%2520, i.e. the percent sign has been encoded. Consider using the flag NE to prevent double encoding: RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]

– Beat
Jan 27 '15 at 9:20

4

this gives me a redirect loop on one server, works on other. i really don't know why

– user151496
Jan 15 '16 at 10:26

4

@user151496 Does the failing server use any kind of HTTP proxying, like passing through a Varnish cache, or into Passenger? If so, you may have to check the X-Forwarded-Proto header to verify HTTPS instead of the %{HTTPS} variable. You didn't say which part causes the loop, the www or the HTTPS part, but that's the first thing that comes to mind for me.

– Michael Berkowski
Jan 15 '16 at 12:38

4

This worked once I added RewriteEngine On to the beginning of the .htaccess file

– David
Apr 9 '16 at 17:01

|
show 21 more comments

560

RewriteEngine On

RewriteCond %{HTTPS} off

# First rewrite to HTTPS:

# Don't put www. here. If it is already there it will be included, if not

# the subsequent rule will catch it.

RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Now, rewrite any request to the wrong domain to use www.

# [NC] is a case-insensitive match

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

About proxying

edited Apr 2 '18 at 20:32

answered Dec 21 '12 at 21:34

Michael Berkowski

225k34375346

RewriteEngine On

RewriteCond %{HTTPS} off

# First rewrite to HTTPS:

# Don't put www. here. If it is already there it will be included, if not

# the subsequent rule will catch it.

RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Now, rewrite any request to the wrong domain to use www.

# [NC] is a case-insensitive match

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

About proxying

edited Apr 2 '18 at 20:32

answered Dec 21 '12 at 21:34

Michael Berkowski

225k34375346

edited Apr 2 '18 at 20:32

answered Dec 21 '12 at 21:34

Michael Berkowski

225k34375346

answered Dec 21 '12 at 21:34

Michael Berkowski

225k34375346

answered Dec 21 '12 at 21:34

Michael Berkowski

225k34375346

12

In some cases your cert might only be good for a single domain (it might work with www, but, not without, for instance). In such cases, redirect to the correct domain first, then redirect to https, otherwise you'll get a cert error message in your browser.

– Nick Benson
Feb 22 '14 at 3:36

16

When I used RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] an URL like exaple.com/?bla=%20 became exaple.com/?bla=%2520, i.e. the percent sign has been encoded. Consider using the flag NE to prevent double encoding: RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]

– Beat
Jan 27 '15 at 9:20

4

this gives me a redirect loop on one server, works on other. i really don't know why

– user151496
Jan 15 '16 at 10:26

4

@user151496 Does the failing server use any kind of HTTP proxying, like passing through a Varnish cache, or into Passenger? If so, you may have to check the X-Forwarded-Proto header to verify HTTPS instead of the %{HTTPS} variable. You didn't say which part causes the loop, the www or the HTTPS part, but that's the first thing that comes to mind for me.

– Michael Berkowski
Jan 15 '16 at 12:38

4

This worked once I added RewriteEngine On to the beginning of the .htaccess file

– David
Apr 9 '16 at 17:01

|
show 21 more comments

12

In some cases your cert might only be good for a single domain (it might work with www, but, not without, for instance). In such cases, redirect to the correct domain first, then redirect to https, otherwise you'll get a cert error message in your browser.

– Nick Benson
Feb 22 '14 at 3:36

16

When I used RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] an URL like exaple.com/?bla=%20 became exaple.com/?bla=%2520, i.e. the percent sign has been encoded. Consider using the flag NE to prevent double encoding: RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]

– Beat
Jan 27 '15 at 9:20

4

this gives me a redirect loop on one server, works on other. i really don't know why

– user151496
Jan 15 '16 at 10:26

4

@user151496 Does the failing server use any kind of HTTP proxying, like passing through a Varnish cache, or into Passenger? If so, you may have to check the X-Forwarded-Proto header to verify HTTPS instead of the %{HTTPS} variable. You didn't say which part causes the loop, the www or the HTTPS part, but that's the first thing that comes to mind for me.

– Michael Berkowski
Jan 15 '16 at 12:38

4

This worked once I added RewriteEngine On to the beginning of the .htaccess file

– David
Apr 9 '16 at 17:01

In some cases your cert might only be good for a single domain (it might work with www, but, not without, for instance). In such cases, redirect to the correct domain first, then redirect to https, otherwise you'll get a cert error message in your browser.

– Nick Benson
Feb 22 '14 at 3:36

When I used RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] an URL like exaple.com/?bla=%20 became exaple.com/?bla=%2520, i.e. the percent sign has been encoded. Consider using the flag NE to prevent double encoding: RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]

– Beat
Jan 27 '15 at 9:20

this gives me a redirect loop on one server, works on other. i really don't know why

– user151496
Jan 15 '16 at 10:26

@user151496 Does the failing server use any kind of HTTP proxying, like passing through a Varnish cache, or into Passenger? If so, you may have to check the X-Forwarded-Proto header to verify HTTPS instead of the %{HTTPS} variable. You didn't say which part causes the loop, the www or the HTTPS part, but that's the first thing that comes to mind for me.

– Michael Berkowski
Jan 15 '16 at 12:38

This worked once I added RewriteEngine On to the beginning of the .htaccess file

– David
Apr 9 '16 at 17:01

|
show 21 more comments

135

Michals answer worked for me, albeit with one small modification:

Problem:

Solution

#First rewrite any request to the wrong domain to use the correct one (here www.)

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



#Now, rewrite to HTTPS:

RewriteCond %{HTTPS} off

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

edited Mar 18 '14 at 10:36

answered Oct 22 '13 at 5:48

Larzan

6,11632937

4

+1 because it is the better option for this scenario, but note that this will not prevent the same problem from happening if the client accesses https://example.com, but in my opinion that is the least likely format to be typed in by a user. (The accepted answer will also have the same problem)

– Joshua Goossen
Mar 9 '16 at 19:45

@Larzan: Thats wrong. The certification exception occours only because you do 2 real redirects. Replace "[L,R=301]" with "[R=301]". Thenthe rules are not aborted. L=LAST

– defim
Apr 12 '16 at 23:01

If you need to handle https:// without www while having a certificate only on the www, simply add this rule to the solution : RewriteCond %{HTTP_HOST} !^www. RewriteCond %{HTTPS} on RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI}[L,R=301] It simply goes back to http when trying to connect to https://example.com to avoid certificate error.

– Eric Burel
Oct 27 '16 at 19:03

The two rules should be reversed anyway (as you have done), in order to prevent a double redirect when requesting http://example.com (ie. HTTP and no www)

– MrWhite
Sep 29 '17 at 15:00

@EricBurel You can't avoid the cert error in this instance - the SSL handshake occurs before your code executes (which is the whole point of SSL in the first place). If your redirect was able to execute before the browsers cert error then it would imply that the request had already been made over an insecure connection - which would be a fundamental failing in the SSL model.

– MrWhite
Sep 29 '17 at 15:03

|
show 1 more comment

135

Michals answer worked for me, albeit with one small modification:

Problem:

Solution

#First rewrite any request to the wrong domain to use the correct one (here www.)

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



#Now, rewrite to HTTPS:

RewriteCond %{HTTPS} off

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

edited Mar 18 '14 at 10:36

answered Oct 22 '13 at 5:48

Larzan

6,11632937

4

+1 because it is the better option for this scenario, but note that this will not prevent the same problem from happening if the client accesses https://example.com, but in my opinion that is the least likely format to be typed in by a user. (The accepted answer will also have the same problem)

– Joshua Goossen
Mar 9 '16 at 19:45

@Larzan: Thats wrong. The certification exception occours only because you do 2 real redirects. Replace "[L,R=301]" with "[R=301]". Thenthe rules are not aborted. L=LAST

– defim
Apr 12 '16 at 23:01

If you need to handle https:// without www while having a certificate only on the www, simply add this rule to the solution : RewriteCond %{HTTP_HOST} !^www. RewriteCond %{HTTPS} on RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI}[L,R=301] It simply goes back to http when trying to connect to https://example.com to avoid certificate error.

– Eric Burel
Oct 27 '16 at 19:03

The two rules should be reversed anyway (as you have done), in order to prevent a double redirect when requesting http://example.com (ie. HTTP and no www)

– MrWhite
Sep 29 '17 at 15:00

@EricBurel You can't avoid the cert error in this instance - the SSL handshake occurs before your code executes (which is the whole point of SSL in the first place). If your redirect was able to execute before the browsers cert error then it would imply that the request had already been made over an insecure connection - which would be a fundamental failing in the SSL model.

– MrWhite
Sep 29 '17 at 15:03

|
show 1 more comment

135

Michals answer worked for me, albeit with one small modification:

Problem:

Solution

#First rewrite any request to the wrong domain to use the correct one (here www.)

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



#Now, rewrite to HTTPS:

RewriteCond %{HTTPS} off

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

edited Mar 18 '14 at 10:36

answered Oct 22 '13 at 5:48

Larzan

6,11632937

Michals answer worked for me, albeit with one small modification:

Problem:

Solution

#First rewrite any request to the wrong domain to use the correct one (here www.)

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



#Now, rewrite to HTTPS:

RewriteCond %{HTTPS} off

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

edited Mar 18 '14 at 10:36

answered Oct 22 '13 at 5:48

Larzan

6,11632937

edited Mar 18 '14 at 10:36

answered Oct 22 '13 at 5:48

Larzan

6,11632937

answered Oct 22 '13 at 5:48

Larzan

6,11632937

answered Oct 22 '13 at 5:48

Larzan

6,11632937

4

+1 because it is the better option for this scenario, but note that this will not prevent the same problem from happening if the client accesses https://example.com, but in my opinion that is the least likely format to be typed in by a user. (The accepted answer will also have the same problem)

– Joshua Goossen
Mar 9 '16 at 19:45

@Larzan: Thats wrong. The certification exception occours only because you do 2 real redirects. Replace "[L,R=301]" with "[R=301]". Thenthe rules are not aborted. L=LAST

– defim
Apr 12 '16 at 23:01

If you need to handle https:// without www while having a certificate only on the www, simply add this rule to the solution : RewriteCond %{HTTP_HOST} !^www. RewriteCond %{HTTPS} on RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI}[L,R=301] It simply goes back to http when trying to connect to https://example.com to avoid certificate error.

– Eric Burel
Oct 27 '16 at 19:03

The two rules should be reversed anyway (as you have done), in order to prevent a double redirect when requesting http://example.com (ie. HTTP and no www)

– MrWhite
Sep 29 '17 at 15:00

@EricBurel You can't avoid the cert error in this instance - the SSL handshake occurs before your code executes (which is the whole point of SSL in the first place). If your redirect was able to execute before the browsers cert error then it would imply that the request had already been made over an insecure connection - which would be a fundamental failing in the SSL model.

– MrWhite
Sep 29 '17 at 15:03

|
show 1 more comment

4

+1 because it is the better option for this scenario, but note that this will not prevent the same problem from happening if the client accesses https://example.com, but in my opinion that is the least likely format to be typed in by a user. (The accepted answer will also have the same problem)

– Joshua Goossen
Mar 9 '16 at 19:45

@Larzan: Thats wrong. The certification exception occours only because you do 2 real redirects. Replace "[L,R=301]" with "[R=301]". Thenthe rules are not aborted. L=LAST

– defim
Apr 12 '16 at 23:01

If you need to handle https:// without www while having a certificate only on the www, simply add this rule to the solution : RewriteCond %{HTTP_HOST} !^www. RewriteCond %{HTTPS} on RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI}[L,R=301] It simply goes back to http when trying to connect to https://example.com to avoid certificate error.

– Eric Burel
Oct 27 '16 at 19:03

The two rules should be reversed anyway (as you have done), in order to prevent a double redirect when requesting http://example.com (ie. HTTP and no www)

– MrWhite
Sep 29 '17 at 15:00

@EricBurel You can't avoid the cert error in this instance - the SSL handshake occurs before your code executes (which is the whole point of SSL in the first place). If your redirect was able to execute before the browsers cert error then it would imply that the request had already been made over an insecure connection - which would be a fundamental failing in the SSL model.

– MrWhite
Sep 29 '17 at 15:03

+1 because it is the better option for this scenario, but note that this will not prevent the same problem from happening if the client accesses https://example.com, but in my opinion that is the least likely format to be typed in by a user. (The accepted answer will also have the same problem)

– Joshua Goossen
Mar 9 '16 at 19:45

@Larzan: Thats wrong. The certification exception occours only because you do 2 real redirects. Replace "[L,R=301]" with "[R=301]". Thenthe rules are not aborted. L=LAST

– defim
Apr 12 '16 at 23:01

If you need to handle https:// without www while having a certificate only on the www, simply add this rule to the solution :

RewriteCond %{HTTP_HOST} !^www. RewriteCond %{HTTPS} on RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI}[L,R=301]

It simply goes back to http when trying to connect to https://example.com to avoid certificate error.

– Eric Burel
Oct 27 '16 at 19:03

If you need to handle https:// without www while having a certificate only on the www, simply add this rule to the solution :

RewriteCond %{HTTP_HOST} !^www. RewriteCond %{HTTPS} on RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI}[L,R=301]

It simply goes back to http when trying to connect to https://example.com to avoid certificate error.

– Eric Burel
Oct 27 '16 at 19:03

The two rules should be reversed anyway (as you have done), in order to prevent a double redirect when requesting http://example.com (ie. HTTP and no www)

– MrWhite
Sep 29 '17 at 15:00

@EricBurel You can't avoid the cert error in this instance - the SSL handshake occurs before your code executes (which is the whole point of SSL in the first place). If your redirect was able to execute before the browsers cert error then it would imply that the request had already been made over an insecure connection - which would be a fundamental failing in the SSL model.

– MrWhite
Sep 29 '17 at 15:03

|
show 1 more comment

If you are using CloudFlare or a similar CDN you will get an infinite loop error with the %{HTTPS} solutions provided here. If you're a CloudFlare user you'll need to use this:

RewriteEngine On

RewriteCond %{HTTP:X-Forwarded-Proto} =http

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

answered Nov 13 '14 at 23:30

Andrew

2,74732840

2

Please note the current advice on the Cloudflare support site is slightly different: support.cloudflare.com/hc/en-us/articles/…

– ColinMcDermott
Dec 22 '14 at 22:34

1

Agree with @h0mayun, the advice Cloudflare gives results in a redirect loop, whereas this code here works perfectly - thank you!

– hobailey
Mar 18 '15 at 23:15

1

I run angularjs on ec2. The solutions using RewriteCond %{HTTPS} !=on give me infinite redirection (not entirely sure why). This solution, with X-Forwarded-Proto, seems to do the trick. Thank you!

– Mark Watkins
Aug 4 '16 at 15:56

3

I modified =http to !=https for our environments. X-Forwarded-Proto header was not declared if http, so !=https did the trick.

– Johnathan Elmore
Sep 15 '16 at 15:48

add a comment |

If you are using CloudFlare or a similar CDN you will get an infinite loop error with the %{HTTPS} solutions provided here. If you're a CloudFlare user you'll need to use this:

RewriteEngine On

RewriteCond %{HTTP:X-Forwarded-Proto} =http

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

answered Nov 13 '14 at 23:30

Andrew

2,74732840

2

Please note the current advice on the Cloudflare support site is slightly different: support.cloudflare.com/hc/en-us/articles/…

– ColinMcDermott
Dec 22 '14 at 22:34

1

Agree with @h0mayun, the advice Cloudflare gives results in a redirect loop, whereas this code here works perfectly - thank you!

– hobailey
Mar 18 '15 at 23:15

1

I run angularjs on ec2. The solutions using RewriteCond %{HTTPS} !=on give me infinite redirection (not entirely sure why). This solution, with X-Forwarded-Proto, seems to do the trick. Thank you!

– Mark Watkins
Aug 4 '16 at 15:56

3

I modified =http to !=https for our environments. X-Forwarded-Proto header was not declared if http, so !=https did the trick.

– Johnathan Elmore
Sep 15 '16 at 15:48

add a comment |

If you are using CloudFlare or a similar CDN you will get an infinite loop error with the %{HTTPS} solutions provided here. If you're a CloudFlare user you'll need to use this:

RewriteEngine On

RewriteCond %{HTTP:X-Forwarded-Proto} =http

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

answered Nov 13 '14 at 23:30

Andrew

2,74732840

If you are using CloudFlare or a similar CDN you will get an infinite loop error with the %{HTTPS} solutions provided here. If you're a CloudFlare user you'll need to use this:

RewriteEngine On

RewriteCond %{HTTP:X-Forwarded-Proto} =http

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

answered Nov 13 '14 at 23:30

Andrew

2,74732840

answered Nov 13 '14 at 23:30

Andrew

2,74732840

answered Nov 13 '14 at 23:30

Andrew

2,74732840

answered Nov 13 '14 at 23:30

Andrew

2,74732840

2

Please note the current advice on the Cloudflare support site is slightly different: support.cloudflare.com/hc/en-us/articles/…

– ColinMcDermott
Dec 22 '14 at 22:34

1

Agree with @h0mayun, the advice Cloudflare gives results in a redirect loop, whereas this code here works perfectly - thank you!

– hobailey
Mar 18 '15 at 23:15

1

I run angularjs on ec2. The solutions using RewriteCond %{HTTPS} !=on give me infinite redirection (not entirely sure why). This solution, with X-Forwarded-Proto, seems to do the trick. Thank you!

– Mark Watkins
Aug 4 '16 at 15:56

3

I modified =http to !=https for our environments. X-Forwarded-Proto header was not declared if http, so !=https did the trick.

– Johnathan Elmore
Sep 15 '16 at 15:48

add a comment |

2

Please note the current advice on the Cloudflare support site is slightly different: support.cloudflare.com/hc/en-us/articles/…

– ColinMcDermott
Dec 22 '14 at 22:34

1

Agree with @h0mayun, the advice Cloudflare gives results in a redirect loop, whereas this code here works perfectly - thank you!

– hobailey
Mar 18 '15 at 23:15

1

I run angularjs on ec2. The solutions using RewriteCond %{HTTPS} !=on give me infinite redirection (not entirely sure why). This solution, with X-Forwarded-Proto, seems to do the trick. Thank you!

– Mark Watkins
Aug 4 '16 at 15:56

3

I modified =http to !=https for our environments. X-Forwarded-Proto header was not declared if http, so !=https did the trick.

– Johnathan Elmore
Sep 15 '16 at 15:48

Please note the current advice on the Cloudflare support site is slightly different: support.cloudflare.com/hc/en-us/articles/…

– ColinMcDermott
Dec 22 '14 at 22:34

Agree with @h0mayun, the advice Cloudflare gives results in a redirect loop, whereas this code here works perfectly - thank you!

– hobailey
Mar 18 '15 at 23:15

I run angularjs on ec2. The solutions using RewriteCond %{HTTPS} !=on give me infinite redirection (not entirely sure why). This solution, with X-Forwarded-Proto, seems to do the trick. Thank you!

– Mark Watkins
Aug 4 '16 at 15:56

I modified =http to !=https for our environments. X-Forwarded-Proto header was not declared if http, so !=https did the trick.

– Johnathan Elmore
Sep 15 '16 at 15:48

add a comment |

BAD SOLUTION AND WHY!

Don't ever use the solution above because when you are using their code that is something like:

RewriteCond %{HTTPS} off

RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule .* https://www.example.com%{REQUEST_URI} [L,R=301]

The browser goes to:

http://example.com

Then redirects to:

https://example.com

Then redirects to:

https://www.example.com

This is too much request to the server

BEST SOLUTION AND THE ANSWER

This code has an [OR] condition to prevent dual changes at url!

RewriteEngine on

RewriteCond %{HTTPS} off [OR]

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule (.*) https://www.example.com%{REQUEST_URI} [R=301,L]

Most of the answers even accepted one, don't use this trick.

edited Nov 24 '18 at 6:41

answered Mar 27 '17 at 17:22

Amir Forsati

976822

1

"BAD SOLUTION AND WHY!" - Those rules are just in the wrong order. Reverse those two rules and it will be correct - you'll get just one redirect and not two.

– MrWhite
Sep 23 '17 at 10:18

2

Yes, the code as given results in 2 redirects - I'm not disputing that - all I'm saying is that you simply need to reverse these rules to resolve this problem, no other change is required. (The "accepted" answer is indeed incorrect - which appears to be what you are referring to - the directives are in the wrong order.)

– MrWhite
Sep 24 '17 at 8:59

1

yup @AmirForsati is right. it is redirecting twice and this should be the accepted answer.

– Zakir hussain
Aug 20 '18 at 9:42

4

You can use this if you want to keep the domainname variable: RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} !^www. [NC] RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

– I.devries
Sep 10 '18 at 9:27

add a comment |

BAD SOLUTION AND WHY!

Don't ever use the solution above because when you are using their code that is something like:

RewriteCond %{HTTPS} off

RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule .* https://www.example.com%{REQUEST_URI} [L,R=301]

The browser goes to:

http://example.com

Then redirects to:

https://example.com

Then redirects to:

https://www.example.com

This is too much request to the server

BEST SOLUTION AND THE ANSWER

This code has an [OR] condition to prevent dual changes at url!

RewriteEngine on

RewriteCond %{HTTPS} off [OR]

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule (.*) https://www.example.com%{REQUEST_URI} [R=301,L]

Most of the answers even accepted one, don't use this trick.

edited Nov 24 '18 at 6:41

answered Mar 27 '17 at 17:22

Amir Forsati

976822

1

"BAD SOLUTION AND WHY!" - Those rules are just in the wrong order. Reverse those two rules and it will be correct - you'll get just one redirect and not two.

– MrWhite
Sep 23 '17 at 10:18

2

Yes, the code as given results in 2 redirects - I'm not disputing that - all I'm saying is that you simply need to reverse these rules to resolve this problem, no other change is required. (The "accepted" answer is indeed incorrect - which appears to be what you are referring to - the directives are in the wrong order.)

– MrWhite
Sep 24 '17 at 8:59

1

yup @AmirForsati is right. it is redirecting twice and this should be the accepted answer.

– Zakir hussain
Aug 20 '18 at 9:42

4

You can use this if you want to keep the domainname variable: RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} !^www. [NC] RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

– I.devries
Sep 10 '18 at 9:27

add a comment |

BAD SOLUTION AND WHY!

Don't ever use the solution above because when you are using their code that is something like:

RewriteCond %{HTTPS} off

RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule .* https://www.example.com%{REQUEST_URI} [L,R=301]

The browser goes to:

http://example.com

Then redirects to:

https://example.com

Then redirects to:

https://www.example.com

This is too much request to the server

BEST SOLUTION AND THE ANSWER

This code has an [OR] condition to prevent dual changes at url!

RewriteEngine on

RewriteCond %{HTTPS} off [OR]

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule (.*) https://www.example.com%{REQUEST_URI} [R=301,L]

Most of the answers even accepted one, don't use this trick.

edited Nov 24 '18 at 6:41

answered Mar 27 '17 at 17:22

Amir Forsati

976822

BAD SOLUTION AND WHY!

Don't ever use the solution above because when you are using their code that is something like:

RewriteCond %{HTTPS} off

RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule .* https://www.example.com%{REQUEST_URI} [L,R=301]

The browser goes to:

http://example.com

Then redirects to:

https://example.com

Then redirects to:

https://www.example.com

This is too much request to the server

BEST SOLUTION AND THE ANSWER

This code has an [OR] condition to prevent dual changes at url!

RewriteEngine on

RewriteCond %{HTTPS} off [OR]

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule (.*) https://www.example.com%{REQUEST_URI} [R=301,L]

Most of the answers even accepted one, don't use this trick.

edited Nov 24 '18 at 6:41

answered Mar 27 '17 at 17:22

Amir Forsati

976822

edited Nov 24 '18 at 6:41

answered Mar 27 '17 at 17:22

Amir Forsati

976822

answered Mar 27 '17 at 17:22

Amir Forsati

976822

answered Mar 27 '17 at 17:22

Amir Forsati

976822

1

"BAD SOLUTION AND WHY!" - Those rules are just in the wrong order. Reverse those two rules and it will be correct - you'll get just one redirect and not two.

– MrWhite
Sep 23 '17 at 10:18

2

Yes, the code as given results in 2 redirects - I'm not disputing that - all I'm saying is that you simply need to reverse these rules to resolve this problem, no other change is required. (The "accepted" answer is indeed incorrect - which appears to be what you are referring to - the directives are in the wrong order.)

– MrWhite
Sep 24 '17 at 8:59

1

yup @AmirForsati is right. it is redirecting twice and this should be the accepted answer.

– Zakir hussain
Aug 20 '18 at 9:42

4

You can use this if you want to keep the domainname variable: RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} !^www. [NC] RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

– I.devries
Sep 10 '18 at 9:27

add a comment |

1

"BAD SOLUTION AND WHY!" - Those rules are just in the wrong order. Reverse those two rules and it will be correct - you'll get just one redirect and not two.

– MrWhite
Sep 23 '17 at 10:18

2

Yes, the code as given results in 2 redirects - I'm not disputing that - all I'm saying is that you simply need to reverse these rules to resolve this problem, no other change is required. (The "accepted" answer is indeed incorrect - which appears to be what you are referring to - the directives are in the wrong order.)

– MrWhite
Sep 24 '17 at 8:59

1

yup @AmirForsati is right. it is redirecting twice and this should be the accepted answer.

– Zakir hussain
Aug 20 '18 at 9:42

4

You can use this if you want to keep the domainname variable: RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} !^www. [NC] RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

– I.devries
Sep 10 '18 at 9:27

"BAD SOLUTION AND WHY!" - Those rules are just in the wrong order. Reverse those two rules and it will be correct - you'll get just one redirect and not two.

– MrWhite
Sep 23 '17 at 10:18

Yes, the code as given results in 2 redirects - I'm not disputing that - all I'm saying is that you simply need to reverse these rules to resolve this problem, no other change is required. (The "accepted" answer is indeed incorrect - which appears to be what you are referring to - the directives are in the wrong order.)

– MrWhite
Sep 24 '17 at 8:59

yup @AmirForsati is right. it is redirecting twice and this should be the accepted answer.

– Zakir hussain
Aug 20 '18 at 9:42

You can use this if you want to keep the domainname variable:

RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} !^www. [NC] RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]  RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

– I.devries
Sep 10 '18 at 9:27

You can use this if you want to keep the domainname variable:

RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} !^www. [NC] RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]  RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

– I.devries
Sep 10 '18 at 9:27

add a comment |

This is the best way I found for Proxy and not proxy users

RewriteEngine On



### START WWW & HTTPS



# ensure www.

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



# ensure https

RewriteCond %{HTTP:X-Forwarded-Proto} !https

RewriteCond %{HTTPS} off

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



### END WWW & HTTPS

answered Sep 9 '16 at 16:09

llioor

2,1721725

Correct This is the best way I found for Proxy and not proxy users +1

– Deep 3015
Sep 11 '17 at 12:42

1

This is the best one, as it solves multiple 301 redirects

– Niraj Chauhan
Oct 3 '17 at 14:13

1

best solution ever.

– S M Jobayer Alam
Sep 30 '18 at 8:04

Great answer. This is the only one that worked for me. Works if you are behind Cloudflare (though I have no page rules set up at Cloudflare).

– jasonco
Jan 6 at 6:49

add a comment |

This is the best way I found for Proxy and not proxy users

RewriteEngine On



### START WWW & HTTPS



# ensure www.

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



# ensure https

RewriteCond %{HTTP:X-Forwarded-Proto} !https

RewriteCond %{HTTPS} off

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



### END WWW & HTTPS

answered Sep 9 '16 at 16:09

llioor

2,1721725

Correct This is the best way I found for Proxy and not proxy users +1

– Deep 3015
Sep 11 '17 at 12:42

1

This is the best one, as it solves multiple 301 redirects

– Niraj Chauhan
Oct 3 '17 at 14:13

1

best solution ever.

– S M Jobayer Alam
Sep 30 '18 at 8:04

Great answer. This is the only one that worked for me. Works if you are behind Cloudflare (though I have no page rules set up at Cloudflare).

– jasonco
Jan 6 at 6:49

add a comment |

This is the best way I found for Proxy and not proxy users

RewriteEngine On



### START WWW & HTTPS



# ensure www.

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



# ensure https

RewriteCond %{HTTP:X-Forwarded-Proto} !https

RewriteCond %{HTTPS} off

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



### END WWW & HTTPS

answered Sep 9 '16 at 16:09

llioor

2,1721725

This is the best way I found for Proxy and not proxy users

RewriteEngine On



### START WWW & HTTPS



# ensure www.

RewriteCond %{HTTP_HOST} !^www. [NC]

RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



# ensure https

RewriteCond %{HTTP:X-Forwarded-Proto} !https

RewriteCond %{HTTPS} off

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



### END WWW & HTTPS

answered Sep 9 '16 at 16:09

llioor

2,1721725

answered Sep 9 '16 at 16:09

llioor

2,1721725

answered Sep 9 '16 at 16:09

llioor

2,1721725

answered Sep 9 '16 at 16:09

llioor

2,1721725

Correct This is the best way I found for Proxy and not proxy users +1

– Deep 3015
Sep 11 '17 at 12:42

1

This is the best one, as it solves multiple 301 redirects

– Niraj Chauhan
Oct 3 '17 at 14:13

1

best solution ever.

– S M Jobayer Alam
Sep 30 '18 at 8:04

Great answer. This is the only one that worked for me. Works if you are behind Cloudflare (though I have no page rules set up at Cloudflare).

– jasonco
Jan 6 at 6:49

add a comment |

Correct This is the best way I found for Proxy and not proxy users +1

– Deep 3015
Sep 11 '17 at 12:42

1

This is the best one, as it solves multiple 301 redirects

– Niraj Chauhan
Oct 3 '17 at 14:13

1

best solution ever.

– S M Jobayer Alam
Sep 30 '18 at 8:04

Great answer. This is the only one that worked for me. Works if you are behind Cloudflare (though I have no page rules set up at Cloudflare).

– jasonco
Jan 6 at 6:49

Correct This is the best way I found for Proxy and not proxy users +1

– Deep 3015
Sep 11 '17 at 12:42

This is the best one, as it solves multiple 301 redirects

– Niraj Chauhan
Oct 3 '17 at 14:13

best solution ever.

– S M Jobayer Alam
Sep 30 '18 at 8:04

Great answer. This is the only one that worked for me. Works if you are behind Cloudflare (though I have no page rules set up at Cloudflare).

– jasonco
Jan 6 at 6:49

add a comment |

There are a lot of solutions out there. Here is a link to the apache wiki which deals with this issue directly.

http://wiki.apache.org/httpd/RewriteHTTPToHTTPS

RewriteEngine On

# This will enable the Rewrite capabilities



RewriteCond %{HTTPS} !=on

# This checks to make sure the connection is not already HTTPS



RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

# This rule will redirect users from their original location, to the same location but using HTTPS.

# i.e.  http://www.example.com/foo/ to https://www.example.com/foo/

# The leading slash is made optional so that this will work either in httpd.conf

# or .htaccess context

answered May 23 '14 at 7:47

Vynz

75779

6

This does not rewrite the URL to www. but it does rewrite to https://

– Thom
Dec 9 '14 at 18:14

I found by changing the rewrite condition from RewriteCond %{HTTPS} off to RewriteCond %{HTTPS} !=on that redirection would always happen, this seems the better answer to me.

– Samuel Hawksby-Robinson
Sep 26 '16 at 14:27

This solution should be accepted as a correct answer! Worked for me too!

– AndrewShmig
Dec 12 '18 at 0:35

add a comment |

There are a lot of solutions out there. Here is a link to the apache wiki which deals with this issue directly.

http://wiki.apache.org/httpd/RewriteHTTPToHTTPS

RewriteEngine On

# This will enable the Rewrite capabilities



RewriteCond %{HTTPS} !=on

# This checks to make sure the connection is not already HTTPS



RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

# This rule will redirect users from their original location, to the same location but using HTTPS.

# i.e.  http://www.example.com/foo/ to https://www.example.com/foo/

# The leading slash is made optional so that this will work either in httpd.conf

# or .htaccess context

answered May 23 '14 at 7:47

Vynz

75779

6

This does not rewrite the URL to www. but it does rewrite to https://

– Thom
Dec 9 '14 at 18:14

I found by changing the rewrite condition from RewriteCond %{HTTPS} off to RewriteCond %{HTTPS} !=on that redirection would always happen, this seems the better answer to me.

– Samuel Hawksby-Robinson
Sep 26 '16 at 14:27

This solution should be accepted as a correct answer! Worked for me too!

– AndrewShmig
Dec 12 '18 at 0:35

add a comment |

There are a lot of solutions out there. Here is a link to the apache wiki which deals with this issue directly.

http://wiki.apache.org/httpd/RewriteHTTPToHTTPS

RewriteEngine On

# This will enable the Rewrite capabilities



RewriteCond %{HTTPS} !=on

# This checks to make sure the connection is not already HTTPS



RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

# This rule will redirect users from their original location, to the same location but using HTTPS.

# i.e.  http://www.example.com/foo/ to https://www.example.com/foo/

# The leading slash is made optional so that this will work either in httpd.conf

# or .htaccess context

answered May 23 '14 at 7:47

Vynz

75779

There are a lot of solutions out there. Here is a link to the apache wiki which deals with this issue directly.

http://wiki.apache.org/httpd/RewriteHTTPToHTTPS

RewriteEngine On

# This will enable the Rewrite capabilities



RewriteCond %{HTTPS} !=on

# This checks to make sure the connection is not already HTTPS



RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

# This rule will redirect users from their original location, to the same location but using HTTPS.

# i.e.  http://www.example.com/foo/ to https://www.example.com/foo/

# The leading slash is made optional so that this will work either in httpd.conf

# or .htaccess context

answered May 23 '14 at 7:47

Vynz

75779

answered May 23 '14 at 7:47

Vynz

75779

answered May 23 '14 at 7:47

Vynz

75779

answered May 23 '14 at 7:47

Vynz

75779

6

This does not rewrite the URL to www. but it does rewrite to https://

– Thom
Dec 9 '14 at 18:14

I found by changing the rewrite condition from RewriteCond %{HTTPS} off to RewriteCond %{HTTPS} !=on that redirection would always happen, this seems the better answer to me.

– Samuel Hawksby-Robinson
Sep 26 '16 at 14:27

This solution should be accepted as a correct answer! Worked for me too!

– AndrewShmig
Dec 12 '18 at 0:35

add a comment |

6

This does not rewrite the URL to www. but it does rewrite to https://

– Thom
Dec 9 '14 at 18:14

I found by changing the rewrite condition from RewriteCond %{HTTPS} off to RewriteCond %{HTTPS} !=on that redirection would always happen, this seems the better answer to me.

– Samuel Hawksby-Robinson
Sep 26 '16 at 14:27

This solution should be accepted as a correct answer! Worked for me too!

– AndrewShmig
Dec 12 '18 at 0:35

This does not rewrite the URL to www. but it does rewrite to https://

– Thom
Dec 9 '14 at 18:14

I found by changing the rewrite condition from RewriteCond %{HTTPS} off to RewriteCond %{HTTPS} !=on that redirection would always happen, this seems the better answer to me.

– Samuel Hawksby-Robinson
Sep 26 '16 at 14:27

This solution should be accepted as a correct answer! Worked for me too!

– AndrewShmig
Dec 12 '18 at 0:35

add a comment |

To redirect http:// or https:// to https://www you can use the following rule on all versions of apache :

RewriteEngine on



RewriteCond %{HTTPS} off [OR]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^ https://www.example.com%{REQUEST_URI} [NE,L,R]

Apache 2.4

RewriteEngine on



RewriteCond %{REQUEST_SCHEME} http [OR]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^ https://www.example.com%{REQUEST_URI} [NE,L,R]

Note that The %{REQUEST_SCHEME} variable is available for use since apache 2.4 .

edited Jun 28 '16 at 16:52

answered Apr 27 '16 at 3:40

starkeen

30.5k156079

1

Problem!: If HTTP_HOST already contains www. but scheme is not HTTPS, then you end up with www.www. in your host.

– Jpsy
Jun 28 '16 at 16:46

@Jpsy you are right. I have updated the Redirect destination. Thanks for your input.

– starkeen
Jun 28 '16 at 16:55

1

This is almost what I was looking for but I want to keep the domain generic as in other examples. Is it possible?

– cronoklee
Oct 7 '16 at 9:55

add a comment |

To redirect http:// or https:// to https://www you can use the following rule on all versions of apache :

RewriteEngine on



RewriteCond %{HTTPS} off [OR]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^ https://www.example.com%{REQUEST_URI} [NE,L,R]

Apache 2.4

RewriteEngine on



RewriteCond %{REQUEST_SCHEME} http [OR]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^ https://www.example.com%{REQUEST_URI} [NE,L,R]

Note that The %{REQUEST_SCHEME} variable is available for use since apache 2.4 .

edited Jun 28 '16 at 16:52

answered Apr 27 '16 at 3:40

starkeen

30.5k156079

1

Problem!: If HTTP_HOST already contains www. but scheme is not HTTPS, then you end up with www.www. in your host.

– Jpsy
Jun 28 '16 at 16:46

@Jpsy you are right. I have updated the Redirect destination. Thanks for your input.

– starkeen
Jun 28 '16 at 16:55

1

This is almost what I was looking for but I want to keep the domain generic as in other examples. Is it possible?

– cronoklee
Oct 7 '16 at 9:55

add a comment |

To redirect http:// or https:// to https://www you can use the following rule on all versions of apache :

RewriteEngine on



RewriteCond %{HTTPS} off [OR]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^ https://www.example.com%{REQUEST_URI} [NE,L,R]

Apache 2.4

RewriteEngine on



RewriteCond %{REQUEST_SCHEME} http [OR]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^ https://www.example.com%{REQUEST_URI} [NE,L,R]

Note that The %{REQUEST_SCHEME} variable is available for use since apache 2.4 .

edited Jun 28 '16 at 16:52

answered Apr 27 '16 at 3:40

starkeen

30.5k156079

To redirect http:// or https:// to https://www you can use the following rule on all versions of apache :

RewriteEngine on



RewriteCond %{HTTPS} off [OR]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^ https://www.example.com%{REQUEST_URI} [NE,L,R]

Apache 2.4

RewriteEngine on



RewriteCond %{REQUEST_SCHEME} http [OR]

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^ https://www.example.com%{REQUEST_URI} [NE,L,R]

Note that The %{REQUEST_SCHEME} variable is available for use since apache 2.4 .

edited Jun 28 '16 at 16:52

answered Apr 27 '16 at 3:40

starkeen

30.5k156079

edited Jun 28 '16 at 16:52

answered Apr 27 '16 at 3:40

starkeen

30.5k156079

answered Apr 27 '16 at 3:40

starkeen

30.5k156079

answered Apr 27 '16 at 3:40

starkeen

30.5k156079

1

Problem!: If HTTP_HOST already contains www. but scheme is not HTTPS, then you end up with www.www. in your host.

– Jpsy
Jun 28 '16 at 16:46

@Jpsy you are right. I have updated the Redirect destination. Thanks for your input.

– starkeen
Jun 28 '16 at 16:55

1

This is almost what I was looking for but I want to keep the domain generic as in other examples. Is it possible?

– cronoklee
Oct 7 '16 at 9:55

add a comment |

1

Problem!: If HTTP_HOST already contains www. but scheme is not HTTPS, then you end up with www.www. in your host.

– Jpsy
Jun 28 '16 at 16:46

@Jpsy you are right. I have updated the Redirect destination. Thanks for your input.

– starkeen
Jun 28 '16 at 16:55

1

This is almost what I was looking for but I want to keep the domain generic as in other examples. Is it possible?

– cronoklee
Oct 7 '16 at 9:55

Problem!: If HTTP_HOST already contains www. but scheme is not HTTPS, then you end up with www.www. in your host.

– Jpsy
Jun 28 '16 at 16:46

@Jpsy you are right. I have updated the Redirect destination. Thanks for your input.

– starkeen
Jun 28 '16 at 16:55

This is almost what I was looking for but I want to keep the domain generic as in other examples. Is it possible?

– cronoklee
Oct 7 '16 at 9:55

add a comment |

If you are on CloudFlare, make sure you use something like this.

# BEGIN SSL Redirect

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteCond %{HTTP:X-Forwarded-Proto} =http

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

</IfModule>

# END SSL Redirect

This will save you from the redirect loop and will redirect your site to SSL safely.

P.S. It is a good idea to if check the mod_rewrite.c!

answered Jul 10 '16 at 4:52

Ahmad Awais

11k24436

it does not redirect https : // theurlwithoutwww.com to https : // www.

– thesearentthedroids
Jul 21 '16 at 10:58

This is actually only working solution if you have some "add www" directives beforehand. Others solutions gives me "to many redirects".

– Daniel.P.
Jul 3 '17 at 20:30

add a comment |

If you are on CloudFlare, make sure you use something like this.

# BEGIN SSL Redirect

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteCond %{HTTP:X-Forwarded-Proto} =http

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

</IfModule>

# END SSL Redirect

This will save you from the redirect loop and will redirect your site to SSL safely.

P.S. It is a good idea to if check the mod_rewrite.c!

answered Jul 10 '16 at 4:52

Ahmad Awais

11k24436

it does not redirect https : // theurlwithoutwww.com to https : // www.

– thesearentthedroids
Jul 21 '16 at 10:58

This is actually only working solution if you have some "add www" directives beforehand. Others solutions gives me "to many redirects".

– Daniel.P.
Jul 3 '17 at 20:30

add a comment |

If you are on CloudFlare, make sure you use something like this.

# BEGIN SSL Redirect

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteCond %{HTTP:X-Forwarded-Proto} =http

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

</IfModule>

# END SSL Redirect

This will save you from the redirect loop and will redirect your site to SSL safely.

P.S. It is a good idea to if check the mod_rewrite.c!

answered Jul 10 '16 at 4:52

Ahmad Awais

11k24436

If you are on CloudFlare, make sure you use something like this.

# BEGIN SSL Redirect

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteCond %{HTTP:X-Forwarded-Proto} =http

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

</IfModule>

# END SSL Redirect

This will save you from the redirect loop and will redirect your site to SSL safely.

P.S. It is a good idea to if check the mod_rewrite.c!

answered Jul 10 '16 at 4:52

Ahmad Awais

11k24436

answered Jul 10 '16 at 4:52

Ahmad Awais

11k24436

answered Jul 10 '16 at 4:52

Ahmad Awais

11k24436

answered Jul 10 '16 at 4:52

Ahmad Awais

11k24436

it does not redirect https : // theurlwithoutwww.com to https : // www.

– thesearentthedroids
Jul 21 '16 at 10:58

This is actually only working solution if you have some "add www" directives beforehand. Others solutions gives me "to many redirects".

– Daniel.P.
Jul 3 '17 at 20:30

add a comment |

it does not redirect https : // theurlwithoutwww.com to https : // www.

– thesearentthedroids
Jul 21 '16 at 10:58

This is actually only working solution if you have some "add www" directives beforehand. Others solutions gives me "to many redirects".

– Daniel.P.
Jul 3 '17 at 20:30

it does not redirect https : // theurlwithoutwww.com to https : // www.

– thesearentthedroids
Jul 21 '16 at 10:58

This is actually only working solution if you have some "add www" directives beforehand. Others solutions gives me "to many redirects".

– Daniel.P.
Jul 3 '17 at 20:30

add a comment |

Set in your .htaccess file

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

RewriteCond %{HTTPS} !=on

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

answered Jul 25 '17 at 14:17

Adam Kozlowski

1,794622

add a comment |

Set in your .htaccess file

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

RewriteCond %{HTTPS} !=on

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

answered Jul 25 '17 at 14:17

Adam Kozlowski

1,794622

add a comment |

Set in your .htaccess file

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

RewriteCond %{HTTPS} !=on

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

answered Jul 25 '17 at 14:17

Adam Kozlowski

1,794622

Set in your .htaccess file

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

RewriteCond %{HTTPS} !=on

RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

answered Jul 25 '17 at 14:17

Adam Kozlowski

1,794622

answered Jul 25 '17 at 14:17

Adam Kozlowski

1,794622

answered Jul 25 '17 at 14:17

Adam Kozlowski

1,794622

answered Jul 25 '17 at 14:17

Adam Kozlowski

1,794622

add a comment |

I try first answer and it doesnt work...
This work:

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /



RewriteCond %{ENV:HTTPS} !=on

RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]



# BEGIN WordPress

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /

RewriteRule ^index.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

</IfModule>



# END WordPress

answered Aug 30 '18 at 14:45

Jackssn

48146

add a comment |

I try first answer and it doesnt work...
This work:

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /



RewriteCond %{ENV:HTTPS} !=on

RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]



# BEGIN WordPress

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /

RewriteRule ^index.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

</IfModule>



# END WordPress

answered Aug 30 '18 at 14:45

Jackssn

48146

add a comment |

I try first answer and it doesnt work...
This work:

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /



RewriteCond %{ENV:HTTPS} !=on

RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]



# BEGIN WordPress

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /

RewriteRule ^index.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

</IfModule>



# END WordPress

answered Aug 30 '18 at 14:45

Jackssn

48146

I try first answer and it doesnt work...
This work:

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /



RewriteCond %{ENV:HTTPS} !=on

RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]



# BEGIN WordPress

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /

RewriteRule ^index.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

</IfModule>



# END WordPress

answered Aug 30 '18 at 14:45

Jackssn

48146

answered Aug 30 '18 at 14:45

Jackssn

48146

answered Aug 30 '18 at 14:45

Jackssn

48146

answered Aug 30 '18 at 14:45

Jackssn

48146

add a comment |

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

Notes: Make sure you have done the following steps

sudo a2enmod rewrite

sudo service apache2 restart

Add Following in your vhost file, located at /etc/apache2/sites-available/000-default.conf

<Directory /var/www/html>

  Options Indexes FollowSymLinks MultiViews

  AllowOverride All

  Order allow,deny

  allow from all

  Require all granted

</Directory>

Now your .htaccess will
work and your site will redirect to http:// to https://www

edited Sep 7 '18 at 21:48

answered Sep 7 '18 at 21:41

Kundan roy

1,2532816

add a comment |

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

Notes: Make sure you have done the following steps

sudo a2enmod rewrite

sudo service apache2 restart

Add Following in your vhost file, located at /etc/apache2/sites-available/000-default.conf

<Directory /var/www/html>

  Options Indexes FollowSymLinks MultiViews

  AllowOverride All

  Order allow,deny

  allow from all

  Require all granted

</Directory>

Now your .htaccess will
work and your site will redirect to http:// to https://www

edited Sep 7 '18 at 21:48

answered Sep 7 '18 at 21:41

Kundan roy

1,2532816

add a comment |

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

Notes: Make sure you have done the following steps

sudo a2enmod rewrite

sudo service apache2 restart

Add Following in your vhost file, located at /etc/apache2/sites-available/000-default.conf

<Directory /var/www/html>

  Options Indexes FollowSymLinks MultiViews

  AllowOverride All

  Order allow,deny

  allow from all

  Require all granted

</Directory>

Now your .htaccess will
work and your site will redirect to http:// to https://www

edited Sep 7 '18 at 21:48

answered Sep 7 '18 at 21:41

Kundan roy

1,2532816

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www.

RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

Notes: Make sure you have done the following steps

sudo a2enmod rewrite

sudo service apache2 restart

Add Following in your vhost file, located at /etc/apache2/sites-available/000-default.conf

<Directory /var/www/html>

  Options Indexes FollowSymLinks MultiViews

  AllowOverride All

  Order allow,deny

  allow from all

  Require all granted

</Directory>

Now your .htaccess will
work and your site will redirect to http:// to https://www

edited Sep 7 '18 at 21:48

answered Sep 7 '18 at 21:41

Kundan roy

1,2532816

edited Sep 7 '18 at 21:48

answered Sep 7 '18 at 21:41

Kundan roy

1,2532816

answered Sep 7 '18 at 21:41

Kundan roy

1,2532816

answered Sep 7 '18 at 21:41

Kundan roy

1,2532816

add a comment |

RewriteEngine On 

RewriteCond %{SERVER_PORT} 80 

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]

answered Dec 14 '18 at 14:05

Анастасия Ермолик

9113

add a comment |

RewriteEngine On 

RewriteCond %{SERVER_PORT} 80 

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]

answered Dec 14 '18 at 14:05

Анастасия Ермолик

9113

add a comment |

RewriteEngine On 

RewriteCond %{SERVER_PORT} 80 

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]

answered Dec 14 '18 at 14:05

Анастасия Ермолик

9113

RewriteEngine On 

RewriteCond %{SERVER_PORT} 80 

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]

answered Dec 14 '18 at 14:05

Анастасия Ермолик

9113

answered Dec 14 '18 at 14:05

Анастасия Ермолик

9113

answered Dec 14 '18 at 14:05

Анастасия Ермолик

9113

answered Dec 14 '18 at 14:05

Анастасия Ермолик

9113

add a comment |

-2

This will work for both https and www

RewriteCond %{HTTPS} !=on

# This checks to make sure the connection is not already HTTPS

RewriteRule ^/?(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

answered May 20 '15 at 16:14

Nadeem As

375

1

https != on doesn't work on some servers and results in redirect loop

– user151496
Jan 15 '16 at 10:28

The equal sign in !=on is wrong. It should read: RewriteCond %{HTTPS} !on

– Jpsy
Jun 28 '16 at 16:41

or just use off.

– htm01
Jun 15 '17 at 7:36

add a comment |

-2

This will work for both https and www

RewriteCond %{HTTPS} !=on

# This checks to make sure the connection is not already HTTPS

RewriteRule ^/?(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

answered May 20 '15 at 16:14

Nadeem As

375

1

https != on doesn't work on some servers and results in redirect loop

– user151496
Jan 15 '16 at 10:28

The equal sign in !=on is wrong. It should read: RewriteCond %{HTTPS} !on

– Jpsy
Jun 28 '16 at 16:41

or just use off.

– htm01
Jun 15 '17 at 7:36

add a comment |

-2

This will work for both https and www

RewriteCond %{HTTPS} !=on

# This checks to make sure the connection is not already HTTPS

RewriteRule ^/?(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

answered May 20 '15 at 16:14

Nadeem As

375

This will work for both https and www

RewriteCond %{HTTPS} !=on

# This checks to make sure the connection is not already HTTPS

RewriteRule ^/?(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

answered May 20 '15 at 16:14

Nadeem As

375

answered May 20 '15 at 16:14

Nadeem As

375

answered May 20 '15 at 16:14

Nadeem As

375

answered May 20 '15 at 16:14

Nadeem As

375

1

https != on doesn't work on some servers and results in redirect loop

– user151496
Jan 15 '16 at 10:28

The equal sign in !=on is wrong. It should read: RewriteCond %{HTTPS} !on

– Jpsy
Jun 28 '16 at 16:41

or just use off.

– htm01
Jun 15 '17 at 7:36

add a comment |

1

https != on doesn't work on some servers and results in redirect loop

– user151496
Jan 15 '16 at 10:28

The equal sign in !=on is wrong. It should read: RewriteCond %{HTTPS} !on

– Jpsy
Jun 28 '16 at 16:41

or just use off.

– htm01
Jun 15 '17 at 7:36

https != on doesn't work on some servers and results in redirect loop

– user151496
Jan 15 '16 at 10:28

The equal sign in !=on is wrong. It should read: RewriteCond %{HTTPS} !on

– Jpsy
Jun 28 '16 at 16:41

or just use off.

– htm01
Jun 15 '17 at 7:36

add a comment |

protected by Community♦ Nov 7 '14 at 13:42

This page is only for reference, If you need detailed information, please check here

搜尋此網誌

Nsryjdtyk

htaccess redirect to https://www

13 Answers
13

About proxying

BAD SOLUTION AND WHY!

BEST SOLUTION AND THE ANSWER

protected by Community♦ Nov 7 '14 at 13:42

13 Answers
13

13 Answers
13

About proxying

About proxying

About proxying

About proxying

BAD SOLUTION AND WHY!

BEST SOLUTION AND THE ANSWER

BAD SOLUTION AND WHY!

BEST SOLUTION AND THE ANSWER

BAD SOLUTION AND WHY!

BEST SOLUTION AND THE ANSWER

BAD SOLUTION AND WHY!

BEST SOLUTION AND THE ANSWER

protected by Community♦ Nov 7 '14 at 13:42

Popular posts from this blog

Costa Masnaga

Fotorealismo

Sidney Franklin

htaccess redirect to https://www

13 Answers 13

About proxying

BAD SOLUTION AND WHY!

BEST SOLUTION AND THE ANSWER

protected by Community♦ Nov 7 '14 at 13:42

13 Answers 13

13 Answers 13

About proxying

About proxying

About proxying

About proxying

BAD SOLUTION AND WHY!

BEST SOLUTION AND THE ANSWER

BAD SOLUTION AND WHY!

BEST SOLUTION AND THE ANSWER

BAD SOLUTION AND WHY!

BEST SOLUTION AND THE ANSWER

BAD SOLUTION AND WHY!

BEST SOLUTION AND THE ANSWER

protected by Community♦ Nov 7 '14 at 13:42

Popular posts from this blog

Costa Masnaga

Fotorealismo

Sidney Franklin

13 Answers
13

13 Answers
13

13 Answers
13