.htaccess force to HTTPS in a folder

Question

I am trying to redirect a forum index to use HTTPS for everything, but .htaccess is pretty new to me and i am learning so anyone could give a hand i would appreciate it :)

So i have the forum in a subdirectory called SMF. Currently everything is going to www.website.net/smf/index.php

But i wanted to redirect everything to HTTPS, while keeping the /smf/index.php structure.

Here is the current .htaccess i have in my main html_public:

# .htaccess main domain to subdirectory redirect
# Do not change this line.
RewriteEngine on
# Change example.com to be your main domain.
RewriteCond %{HTTP_HOST} ^(www.)?example.com$
# Change 'subdirectory' to be the directory you will use for your main domain.
RewriteCond %{REQUEST_URI} !^/subdirectory/
# Don't change the following two lines.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Change 'subdirectory' to be the directory you will use for your main domain.
RewriteRule ^(.*)$ /subdirectory/$1
# Change example.com to be your main domain again.
# Change 'subdirectory' to be the directory you will use for your main domain
# followed by / then the main file for your site, index.php, index.html, etc.
RewriteCond %{HTTP_HOST} ^(www.)?example.com$
RewriteRule ^(/)?$ subdirectory/index.php [L] 

When i change ANYTHING, everything goes bananas. Everything in the forum is in subdirectory folder, including the index.php and so on. (please note i changed the website url to example.com and the subdirectory, to subdirectory only in copy paste code)

I am going bananas trying to make the website show https, but whenever i try something it doesnt work and gives me https://www.website.com//smf/index.php and i cant remove the // :(

Is there anyway i can clean the code and make it more simple and easier to understand?

Thanks!

Answer 1

I have had many nights struggling around the .htaccess file... But heres the deal, this file actually has nothing to do with php, but is actually associated with Apache. This is a separate program from PHP (which is its self a programing language and compiler). And not to get off on to much of a tangent, but this means you can run php in a terminal with out a browser. Any hoot, because Apache isn't programmed in PHP, and is solely designed to handle HTTP(s) server requests some of the code to make it work may be operating system dependent. This was the cause of a lot of struggle when running locally and trying to deploy to my remote server. This is all just from my experience, so if someone knows more please feel free to share.

This is what I use now to send to https.

# Remove www. RewriteBase / RewriteCond %{HTTP_HOST} ^www\\.(.*)$ [NC] RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

But I have used these variants before too.

#Turn on https ( Cent OS ) RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Turn on https ( Mac OS ) RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

I recommend for portability to make this feature yourself in php directly.

You can detect https using something like this below, which will set a global constant Boolean named 'HTTPS'

\\define('HTTPS', ($_SERVER['HTTP_X_FORWARDED_PROTO'] ?? false) === 'https' || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');

This is php 7 code

Then you'd just redirect how you see fit if it false.

Answer 2

Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /

## hide .php extension
# To externally redirect /dir/foo.php to /dir/foo
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.php [NC]
RewriteRule ^ %1 [R=307,L,NC]

## To internally redirect /dir/foo to /dir/foo.php
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^ %{REQUEST_FILENAME}.php [L]

RewriteCond %{REQUEST_FILENAME}.html -f
RewriteRule ^ %{REQUEST_FILENAME}.html [L]

RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

#ErrorDocument 404 /404.php
#ErrorDocument 403 /403.php

Options -Indexes