How can I redirect all HTTP traffic to the HTTPS website?

  • Poly
  • Guru
  • Guru
  • User avatar
  • Posts: 1091
  • Loc: Same place you left me.

Post 3+ Months Ago

Just setup SSL on one of my sites. Attempted to use .htaccess to redirect all incoming traffic to https://, but when attempting to access the website, it gives me the "Could not open page, too many redirects." error.

.htaccess code:
Code: [ Select ]
Redirect permanent / https://www.DOMAIN.com


What should/can I do to redirect all traffic to the https:// page?
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Zealous
  • Guru
  • Guru
  • User avatar
  • Posts: 1244
  • Loc: Sydney

Post 3+ Months Ago

So i can think of 3 ways

1) Use cPanel for Apache redirection

2)
Code: [ Select ]
<meta http-equiv="refresh" content="0;URL=domain.com" />


3) Add redirection as variable

any help?
  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Posts: 9090
  • Loc: Seattle, WA & Phoenix, AZ

Post 3+ Months Ago

If you want to do it via .htaccess you could do something like this:

Code: [ Select ]
#If the page is NOT secure, and the request URI is supposed to be a secure page, then redirect to a secure page
RewriteCond %{SERVER_PORT} 80 [OR]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://www.domain.com/$1 [R=permanent,L,NC]
  1. #If the page is NOT secure, and the request URI is supposed to be a secure page, then redirect to a secure page
  2. RewriteCond %{SERVER_PORT} 80 [OR]
  3. RewriteCond %{HTTPS} !on
  4. RewriteRule (.*) https://www.domain.com/$1 [R=permanent,L,NC]
  • Zealous
  • Guru
  • Guru
  • User avatar
  • Posts: 1244
  • Loc: Sydney

Post 3+ Months Ago

Bigwebmaster wrote:
If you want to do it via .htaccess you could do something like this:

Code: [ Select ]
#If the page is NOT secure, and the request URI is supposed to be a secure page, then redirect to a secure page
RewriteCond %{SERVER_PORT} 80 [OR]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://www.domain.com/$1 [R=permanent,L,NC]
  1. #If the page is NOT secure, and the request URI is supposed to be a secure page, then redirect to a secure page
  2. RewriteCond %{SERVER_PORT} 80 [OR]
  3. RewriteCond %{HTTPS} !on
  4. RewriteRule (.*) https://www.domain.com/$1 [R=permanent,L,NC]


Just wondering, what would be the most friendly way of doing redirections as i just use cPanel or just add some code to do what i want. but just wondering if there is any extra advantage of using .HTa files?
  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Posts: 9090
  • Loc: Seattle, WA & Phoenix, AZ

Post 3+ Months Ago

When you do anything with CPanel with regards to redirection, that is typically what it does for you is create htaccess files or modifies the httpd.conf configuration file directly. You just have more control with doing exactly what you want when using htaccess files as CPanel is limited on exactly what you can do. For example, the above part that I wrote is not possible I believe by changing any settings in CPanel.
  • Poly
  • Guru
  • Guru
  • User avatar
  • Posts: 1091
  • Loc: Same place you left me.

Post 3+ Months Ago

Bigwebmaster wrote:
If you want to do it via .htaccess you could do something like this:

Code: [ Select ]
#If the page is NOT secure, and the request URI is supposed to be a secure page, then redirect to a secure page
RewriteCond %{SERVER_PORT} 80 [OR]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://www.domain.com/$1 [R=permanent,L,NC]
  1. #If the page is NOT secure, and the request URI is supposed to be a secure page, then redirect to a secure page
  2. RewriteCond %{SERVER_PORT} 80 [OR]
  3. RewriteCond %{HTTPS} !on
  4. RewriteRule (.*) https://www.domain.com/$1 [R=permanent,L,NC]


Can you explain what each step is doing in the code? I'm not very familiar with using .htaccess, and want to have an understanding of what I'm implementing.
  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Posts: 9090
  • Loc: Seattle, WA & Phoenix, AZ

Post 3+ Months Ago

Line 1 is a comment obviously

Line 2 is starting an if statement. It is saying if the server port is 80 or if https is not on (line 3), then do the rewrite rule below. As you may or may not know HTTPS on a website is typically always with port 443. Non secure pages are typically port 80. So by default when you don't specify a port in your URL, HTTP is always 80 and HTTPS is always 443. So with the above htaccess file I am saying if it is port 80 or if the environmental variable HTTPS is not on, then go forward. The reason I check for both is sometimes that environmental variable is not set on some server configurations from my understanding, and it is possible the other variable isn't set on other's so by just using both you increase chances. You could test which one works for your server and just use one if you wanted.

Line 4 is the rewrite rule. This rewrite rule just rewrites everything, but is only executed if the conditionals above pass. Since it is in parenthesis, then the entire path is stored in $1 and I can use it to make sure whatever URL they request on the HTTP side is forwarded to the same on the https side. So for instance if they went to:

http://www.domain.com/a-specific-page-12345.html

then it would redirect exactly to:

https://www.domain.com/a-specific-page-12345.html

Hope that helps :)
  • Zealous
  • Guru
  • Guru
  • User avatar
  • Posts: 1244
  • Loc: Sydney

Post 3+ Months Ago

Bigwebmaster wrote:
Line 1 is a comment obviously

Line 2 is starting an if statement. It is saying if the server port is 80 or if https is not on (line 3), then do the rewrite rule below. As you may or may not know HTTPS on a website is typically always with port 443. Non secure pages are typically port 80. So by default when you don't specify a port in your URL, HTTP is always 80 and HTTPS is always 443. So with the above htaccess file I am saying if it is port 80 or if the environmental variable HTTPS is not on, then go forward. The reason I check for both is sometimes that environmental variable is not set on some server configurations from my understanding, and it is possible the other variable isn't set on other's so by just using both you increase chances. You could test which one works for your server and just use one if you wanted.

Line 4 is the rewrite rule. This rewrite rule just rewrites everything, but is only executed if the conditionals above pass. Since it is in parenthesis, then the entire path is stored in $1 and I can use it to make sure whatever URL they request on the HTTP side is forwarded to the same on the https side. So for instance if they went to:

http://www.domain.com/a-specific-page-12345.html

then it would redirect exactly to:

https://www.domain.com/a-specific-page-12345.html

Hope that helps :)


Bows Down to WebMaster lol

good info as all ways, i guess i should start writing these manually.
  • Poly
  • Guru
  • Guru
  • User avatar
  • Posts: 1091
  • Loc: Same place you left me.

Post 3+ Months Ago

Bigwebmaster wrote:
Line 4 is the rewrite rule. This rewrite rule just rewrites everything, but is only executed if the conditionals above pass. Since it is in parenthesis, then the entire path is stored in $1 and I can use it to make sure whatever URL they request on the HTTP side is forwarded to the same on the https side. So for instance if they went to:

http://www.domain.com/a-specific-page-12345.html

then it would redirect exactly to:

https://www.domain.com/a-specific-page-12345.html

Hope that helps :)


Ok, so by using (.*) and $1, your grabbing the entire path, checking it against the conditions, then passing everything after your trailing / to $1? So using your example:

I attempt to access the following:
http://www.domain.com/a-specific-page-12345.html

The script checks for https:// or to see if your connecting on 443, if your not, it sends 'a-specific-page-12345.html' to $1, making it https://www.domain.com/a-specific-page-12345.html?

Or is it storing the entire URL http://www.domain.com/a-specific-page-12345.html, checking to see if the conditions are true, if they aren't then appending http:// to https://?

Thanks for the info!
  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Posts: 9090
  • Loc: Seattle, WA & Phoenix, AZ

Post 3+ Months Ago

Poly wrote:
The script checks for https:// or to see if your connecting on 443, if your not, it sends 'a-specific-page-12345.html' to $1, making it https://www.domain.com/a-specific-page-12345.html?


That one would be correct :)
  • Poly
  • Guru
  • Guru
  • User avatar
  • Posts: 1091
  • Loc: Same place you left me.

Post 3+ Months Ago

Bigwebmaster wrote:
Poly wrote:
The script checks for https:// or to see if your connecting on 443, if your not, it sends 'a-specific-page-12345.html' to $1, making it https://www.domain.com/a-specific-page-12345.html?


That one would be correct :)


Awesome, thanks for the info.

Post Information

  • Total Posts in this topic: 11 posts
  • Users browsing this forum: No registered users and 3 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.