[英]htaccess - redirect to https not working
Per: https://exp-resso.com/blog/post/2011/08/securing-your-expressionengine-website-with-https 每个: https : //exp-resso.com/blog/post/2011/08/securing-your-expressionengine-website-with-https
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond $1 ^(member|account|checkout|system) [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
This tells your server “If HTTPS is off, and the request starts with member OR account OR checkout OR system (not case sensitive), redirect to
https://current-domain/current-page
”.这告诉您的服务器“如果HTTPS已关闭,并且请求以成员OR帐户OR结帐OR系统(不区分大小写)开始,请重定向到
https://current-domain/current-page
”。 It's a nice simple method of locking down entire subfolders / template groups.这是锁定整个子文件夹/模板组的一种很好的简单方法。
I've added this to my htaccess file like this: 我已将其添加到我的htaccess文件中,如下所示:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond $1 ^(sign-in|sign-up) [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
However, when I go to my http://mydomain.com/sign-in , the URL doesn't change to https://mydomain.com/sign-in . 但是,当我转到http://mydomain.com/sign-in时 ,URL不会更改为https://mydomain.com/sign-in 。 Any idea what's wrong?
知道有什么问题吗?
EDIT 1: 编辑1:
My htaccess also has the following (to remove "www") and I wonder if having both might be causing the problem? 我的htaccess也有以下内容(删除“ www”),我想知道两者是否都可能引起问题?
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
EDIT 2: 编辑2:
Process of elimination, it turns out this is causing the problem: 消除过程,原来是造成问题的原因:
<IfModule mod_rewrite.c>
RewriteEngine On
# Removes index.php from ExpressionEngine URLs
RewriteCond $1 !\.(gif|jpe?g|png)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php/$1 [L]
</IfModule>
When I comment out the RewriteRule, the https:// is forces. 当我注释掉RewriteRule时,https://是强制的。 What's causing the conflict?
是什么引起冲突?
Try to put (sign-in|sign-up) condition inside RewriteRule: 尝试在RewriteRule中放入(登录|注册)条件:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(sign-in|sign-up)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,NC,R=301]
What about this? 那这个呢? (If port == 80 then redirect )
(如果端口== 80,则重定向)
RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} member [OR]
RewriteCond %{REQUEST_URI} account [OR]
RewriteCond %{REQUEST_URI} checkout [OR]
RewriteCond %{REQUEST_URI} system
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
First make sure that rewrite works on your server and that the htaccess is read (eg by issuing a redirect on every URL). 首先,确保重写在您的服务器上有效,并且htaccess被读取(例如,通过在每个URL上发出重定向)。
Then use RewriteCond %{REQUEST_URI} ^/(sign-in|sign-up)
instead of RewriteCond $1 ^(sign-in|sign-up) [NC]
然后使用
RewriteCond %{REQUEST_URI} ^/(sign-in|sign-up)
代替RewriteCond $1 ^(sign-in|sign-up) [NC]
It works and is easier to read too 它有效并且也更容易阅读
So you htaccess should look like this 所以你的htaccess应该看起来像这样
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} ^/(sign-in|sign-up) [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.