CODEWITHSUNDEEP
php.htaccesshttps
unicornication32232
unicornication32232

Reputation: 11

How to redirect index.php to HTTPS only?

This question has been asked many times, but I've tried a lot of different variations with no success - here are examples of what I've tried and what I get:

Gives 500 Internal Server Error:
<Location /index.php>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</Location>

Gives TOO MANY REDIRECTS
RewriteEngine On
RewriteCond %{ENV:HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Gives TOO MANY REDIRECTS
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^index\.php$ https://foo.bar [L,R=301]

Gives TOO MANY REDIRECTS
<?php
if($_SERVER["HTTPS"] != "on")
{
    header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
    exit();
}
?>

I haven't been able to get the HTTPS redirect working using any of these methods.

I'm trying to force only index.php to redirect to HTTPS only when users visit

http://foo.bar (including with trailing slash)

http://foo.bar/index.php

Upvotes: 0

Views: 4250

Answers (5)

Anurag K
Anurag K

Reputation: 189

Ok, I am Facing same problem on my website my website in Joomla 3.5 I am using below code. it works properly in my Joomla! 3.5.1. 

RewriteEngine On 
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.yourdomain.ac.in/$1 [L,R=301]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.yourdomain.ac.in/$1 [L,R=301]

Upvotes: 0

Croises
Croises

Reputation: 18671

You can use:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(index\.php)?$ https://%{HTTP_HOST} [R=301,NC]

It works with: http://foo.bar -> https://foo.bar
and http://foo.bar/index.php -> https://foo.bar
but not with http://foo.bar/other

Upvotes: 0

Amit Verma
Amit Verma

Reputation: 41219

500 Internal server is due to the Location directive you are using in htaccess. Location directive used only in server config contaxt. To redirect index.php to https, you can use use the following rule. I am assuming you are on apache version 2.4 or higher.

RewriteEngine on
RewriteCond %{REQUEST_SCHEME} http$
RewriteRule ^index\.php$ https://example.com [L,R]

Clear your browser cache before testing this rule.

For lower versions of apache, you can replace the Condition line with one of the following :

RewriteCond %{HTTPS} off

RewriteCond %{SERVER_PORT} 80

Upvotes: 0

Niv Apo
Niv Apo

Reputation: 1083

I'll suggest implementing this PHP code in the top of each file:

if(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "off"){
    $redirect = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header('HTTP/1.1 301 Moved Permanently');
    header('Location: ' . $redirect);
    exit();
}

The HTTP response status code 301 Moved Permanently is used for permanent URL redirection, meaning current links or records using the URL that the response is received for should be updated. The new URL should be provided in the Location field included with the response. The 301 redirect is considered a best practice for upgrading users from HTTP to HTTPS.

Upvotes: 1

Dan Hawkins
Dan Hawkins

Reputation: 71

This works perfectly for me:


    RewriteEngine On

    RewriteCond %{SERVER_PORT} 80
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

Upvotes: 0

Related Questions