stackoom
  简体   繁体   中英

.htaccess Forcing HTTPS and in some cases www. but excluding specific subdomains

 原文  2020-08-28 00:03:31       regex/ apache/ .htaccess/ mod-rewrite

Question

We are using cPanel for some websites and we use the following .htaccess rules and for the most part they work perfectly but they have a few issues...

# Force HTTPS & NON-WWW
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTPS} off [OR]
    RewriteCond %{HTTP_HOST} ^www\. [NC]
    RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
    RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]
</IfModule>

With the rule below, if we visit non-www links they correctly get switched to www. links which is good

# Force HTTPS & WWW
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTPS} off [OR]
    RewriteCond %{HTTP_HOST} !^www\. [NC]
    RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
    RewriteRule ^ https://www.%1%{REQUEST_URI} [L,NE,R=301]
</IfModule>

The problem with this Force HTTPS & WWW rule is when we come to subdomains...

  1. If we visit staging.website.com it incorrectly gets rewritten to www.staging.website.com . Sure a condition like RewriteCond %{HTTP_HOST} !^staging\\. [NC] RewriteCond %{HTTP_HOST} !^staging\\. [NC] could be used but that means every subdomain would need one setup.
  2. Another issue with adding that condition is if we visit staging.website.com it won't be forced to use https...
  3. In a more complex setup we have a cPanel account where 3 websites are https:// and one is https://www. and for that particular cPanel account I don't know how I can modify these .htaccess rules to work for both scenarios...

#1 and #2 are most noticeable when it comes to ipv6.website.com

Rule Test for Forcing `httPs & WWW

  • https://website.com --> https://www.website.com

  • http://website.com --> https://www.website.com

  • https://www.website.com --> https://www.website.com

  • http://www.website.com --> https://www.website.com

  • https://ipv6.website.com --> https://ipv6.website.com

  • http://ipv6.website.com --> https://ipv6.website.com

  • https://www.ipv6.website.com --> https://ipv6.website.com

  • http://www.ipv6.website.com --> https://ipv6.website.com

  • https://randomsubdomain.website.com --> https://www.randomsubdomain.website.com

  • http://randomsubdomain.website.com --> https://www.randomsubdomain.website.com

  • https://www.randomsubdomain.website.com --> https://www.randomsubdomain.website.com

  • http://www.randomsubdomain.website.com --> https://www.randomsubdomain.website.com

  • https://ftp.website.com --> http://ftp.website.com

  • http://ftp.website.com --> http://ftp.website.com

  • https://www.ftp.website.com --> http://ftp.website.com

  • http://www.ftp.website.com --> http://ftp.website.com

Rule Test for Forcing `httPs & Non-WWW

  • https://website.com --> https://website.com

  • http://website.com --> https://website.com

  • https://www.website.com --> https://website.com

  • http://www.website.com --> https://website.com

  • https://ipv6.website.com --> https://ipv6.website.com

  • http://ipv6.website.com --> https://ipv6.website.com

  • https://www.ipv6.website.com --> https://ipv6.website.com

  • http://www.ipv6.website.com --> https://ipv6.website.com

  • https://randomsubdomain.website.com --> https://randomsubdomain.website.com

  • http://randomsubdomain.website.com --> https://randomsubdomain.website.com

  • https://randomsubdomain.website.com --> https://www.randomsubdomain.website.com

  • http://randomsubdomain.website.com --> https://www.randomsubdomain.website.com

  • https://ftp.website.com --> http://ftp.website.com

  • http://ftp.website.com --> http://ftp.website.com

  • https://www.ftp.website.com --> http://ftp.website.com

  • http://www.ftp.website.com --> http://ftp.website.com

1 answers

solution1
 1 ACCPTED  2020-10-02 06:35:24

It appears you need to have 2 separate redirect rules here:

  1. For root domain to add www and https://
  2. For sub domains to add https:// only

You can have your .htaccess as this:

<IfModule mod_rewrite.c>
    RewriteEngine On

    # enforce http:// and non-www for ftp domain:
    RewriteCond %{HTTPS} on [OR]
    RewriteCond %{HTTP_HOST} ^www\. [NC]
    RewriteCond %{HTTP_HOST} ^(?:www\.)?(ftp\..+)$ [NC]
    RewriteRule ^ http://%1%{REQUEST_URI} [L,NE,R=301]

    RewriteCond %{HTTP_HOST} ^ftp\. [NC]
    RewriteRule ^ - [L]

    # Force HTTPS & WWW for any subdomain not in list
    RewriteCond %{HTTPS} !on [OR]
    RewriteCond %{HTTP_HOST} !^www\. [NC]
    RewriteCond %{HTTP_HOST} !(?:^|\.)(?:ipv6|mail|mobile|staging|cpanel)\. [NC]
    RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
    RewriteRule ^ https://www.%1%{REQUEST_URI} [L,NE,R=301]

    # Force HTTPS & non-WWW for listed sub domains
    RewriteCond %{HTTPS} !on [OR]
    RewriteCond %{HTTP_HOST} ^www\. [NC]
    RewriteCond %{HTTP_HOST} ^(?:www\.)?((?:ipv6|maill|mobile|staging|cpanel)\..+)$ [NC]
    RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]
    
</IfModule>

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Forcing HTTPS and www on root domain, but not on subdomains PHP validate URL without http:// ot https:// or www. or subdomains htaccess force https and redirect www to non-www, but no other subdomains Redirect all non-www, www, http:// requests to https://www. using .htaccess file htaccess eliminate www then redirect all non subdomains traffic to https Adding a http://www. to this regex and disallowing subdomains How to force redirect a subdomain to 'https://www.'? How redirect .htaccess to www. version? (not working) Forcing a URL field to not have “http://www.” using regex .htaccess in folder, non-www to www. Issues with another RewriteRule
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM