Generic htaccess rewrite: always use https and www

Question

I am searching for a generic htaccess rewrite which forces the user to use https and www. Hence, the following URLs should all be rewritten to https://www.domain.tld/some/path:

It should be a generic solution, so that the domain name is not contained in the rule. Most probably, the rule will contain something like %{HTTP_HOST}%{REQUEST_URI} or %1/$1. Please describe why you use the one or the other.

Although there are tons of questions similar to this one, I did not find a solution which combines both - https and www redirection. Hope you can help.

Edit 1:

I tried the solutions by @anubhava, but I am getting a "too many redirects" error. Since the site is a Magento site, the htaccess is slightly more difficult. The following are the two mod_rewrite sections which I tried:



############################################
## enable rewrites

    Options +FollowSymLinks
    RewriteEngine on

    RewriteCond %{HTTP_HOST} !^www\. [NC]
    RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    RewriteCond %{HTTPS} off
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

############################################
## you can put here your magento root folder
## path relative to web root

    #RewriteBase /magento/

############################################
## uncomment next line to enable light API calls processing

#    RewriteRule ^api/([a-z][0-9a-z_]+)/?$ api.php?type=$1 [QSA,L]

############################################
## rewrite API2 calls to api.php (by now it is REST only)

    RewriteRule ^api/rest api.php?type=rest [QSA,L]

############################################
## workaround for HTTP authorization
## in CGI environment

    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

############################################
## TRACE and TRACK HTTP methods disabled to prevent XSS attacks

    RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
    RewriteRule .* - [L,R=405]

############################################
## redirect for mobile user agents

    #RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
    #RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
    #RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]

############################################
## always send 404 on missing files in these folders

    RewriteCond %{REQUEST_URI} !^/(media|skin|js)/

############################################
## never rewrite for existing files, directories and links

    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-l

############################################
## rewrite everything else to index.php

    RewriteRule .* index.php [L]

And the second version:



############################################
## enable rewrites

    Options +FollowSymLinks
    RewriteEngine on

    RewriteCond %{HTTPS} off [OR]
    RewriteCond %{HTTP_HOST} !^www\.
    RewriteRule ^ https://www.domain.tld%{REQUEST_URI} [R=301,L]

############################################
## you can put here your magento root folder
## path relative to web root

    #RewriteBase /magento/

############################################
## uncomment next line to enable light API calls processing

#    RewriteRule ^api/([a-z][0-9a-z_]+)/?$ api.php?type=$1 [QSA,L]

############################################
## rewrite API2 calls to api.php (by now it is REST only)

    RewriteRule ^api/rest api.php?type=rest [QSA,L]

############################################
## workaround for HTTP authorization
## in CGI environment

    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

############################################
## TRACE and TRACK HTTP methods disabled to prevent XSS attacks

    RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
    RewriteRule .* - [L,R=405]

############################################
## redirect for mobile user agents

    #RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
    #RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
    #RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]

############################################
## always send 404 on missing files in these folders

    RewriteCond %{REQUEST_URI} !^/(media|skin|js)/

############################################
## never rewrite for existing files, directories and links

    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-l

############################################
## rewrite everything else to index.php

    RewriteRule .* index.php [L]

Any ideas?

Edit 2:

Just setting up Magento to use https for secure and unsecure base URL as proposed by @anubhava does not solve the problem. The URL http://www.domain.tld/some/path is then redirected to https://www.domain.tld instead of https://www.domain.tld/some/path.

anubhava · Accepted Answer

Clear your browser cache and restart your browser first.

Magento setting change

Open admin panel and visit System -> Configration -> Web panel and set Base URL (for both secured and unsecured) as https://www.domain.tld/.

then set

Auto-redirect to Base URL = No

Use Secure URLs in Frontend = Yes

Use Secure URLs in Admin = Yes

Save your settings, clear your Magento cache

Magento .htaccess change

Put this code in your .htaccess in the base magento directory just below RewriteBase line:

RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Generic htaccess rewrite: always use https and www

Answers (2)

Magento setting change

Magento .htaccess change

Related Questions