zf2 - 使用.htaccess强制SSL / https

Question

I have followed this question and also this question But didn't helped me much.

I'm on Zend Framework2

I'm getting page is not redirecting properly error.

This is my .htaccess file,

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteCond %{REQUEST_URI}::$1 ^(/.+)(.+)::\2$
RewriteRule ^(.*) - [E=BASE:%1]
RewriteCond $1 !^(index\.php|robots\.txt|(.*).gif|(.*).jpg|(.*).png|(.*).jpeg|(.*).GIF|(.*).JPG|(.*).PNG|(.*).JPEG|upload|(.*).js|(.*).css)
RewriteRule ^(.*)$ %{ENV:BASE}index.php [NC,L]

<IfModule mod_deflate.c>
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
</IfModule>
</IfModule>

<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE application/atom+xml \
application/javascript \
application/json \
application/rss+xml \
application/vnd.ms-fontobject \
application/x-font-ttf \
application/x-web-app-manifest+json \
application/xhtml+xml \
application/xml \
font/opentype \
image/svg+xml \
image/x-icon \
text/css \
text/html \
text/plain \
text/x-component \
text/xml
</IfModule>
</IfModule>

<IfModule mod_php5.c>
    #Session timeout 90 days - 7776000
    php_value session.cookie_lifetime 7776000
    php_value session.gc_maxlifetime 7776000
</IfModule>

I have added this at the starting of the .htaccess file,

RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

But didn't worked for me.

What am I doing wrong?

Edit - Apache version is 2.2.15.

Answer 1

Favori solution.

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
    RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
</IfModule>

A nice answer Best Practice: 301 Redirect HTTP to HTTPS (Standard Domain)

Answer 2

Try using in htaccess

RewriteCond %{HTTP_HOST} ^example.net$ [NC]
RewriteRule (.*) https://www.example.net/$1 [R=301,L]

or just add an function to your bootstrap file

    protected function _initForceSSL() {
    if($_SERVER['SERVER_PORT'] != '443') {
        header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
        exit();
    }
}

Answer 3

Have you tried this?

RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]

Answer 4

You can try this

#Rewrite to HTTPS
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

This worked for me.

Answer 5

To force all web traffic to use HTTPS insert the following lines of code in the .htaccess file in your website's root folder.

Important: If you have existing code in your .htacess, add this above where there are already rules with a similar starting prefix.

To force a specific domain to use HTTPS, use the following lines of code in the .htaccess file in your website's root folder:

RewriteEngine On 
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

Make sure to replace example.com with the domain name you're trying force to https. Additionally, you need to replace www.example.com with your actual domain name.

If you want to force SSL on a specific folder you can insert the code below into a .htaccess file placed in that specific folder:

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} folder 
RewriteRule ^(.*)$ https://www.example.com/folder/$1 [R,L]

Make sure you change the folder reference to the actual folder name. Then be sure to replace www.example.com/folder with your actual domain name and folder you want to force the SSL on.