0

I am trying to make the web server to redirect all users from http to https. This is the code I am using:

RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HTTPS} !=on
RewriteRule ^(.*)$ https://%{SERVER_NAME}/$1 [R=301,L]

However, I've realized that when users send a request with information to http initially, after that this rewrite rule has executed, the POST data seems to be lost.

Is there any way to, when rewriting to HTTPS, make sure that all POST data is sent as well.

Artem
  • 1,000
  • 1
  • 15
  • 30

1 Answers1

2

There are two HTTP status codes 307 (temporary) and 308 (permanent), which you might use for such a case. These status codes do the same as 302 and 301 redirect codes, but keep the method (GET/POST) intact 

RewriteRule ^(.*)$ https://%{SERVER_NAME}/$1 [R=308,L]

Although, you should test with 307 until everything works as expected. See this answer Tips for debugging .htaccess rewrite rules for details.

Community
  • 1
  • 1
Olaf Dietsche
  • 72,253
  • 8
  • 102
  • 198
  • 1
    On Linux, although it works with `307`, it complains when trying to use `308`: `Syntax error on line 14 of /etc/httpd/conf.d/file.conf: RewriteRule: invalid HTTP response code '308' for flag 'R'` – Radu Jun 11 '15 at 17:52
  • @Radu I have retested this with both `.htaccess` and Apache's main config file. In both cases redirects with either `307` or `308` worked as expected. My Apache runs on Ubuntu 14.04 and has version 2.4.7. – Olaf Dietsche Jun 12 '15 at 09:50
  • 2
    Support for 308 was added [in Apache 2.4.3](https://archive.apache.org/dist/httpd/CHANGES_2.4.3) ("Add missing HTTP status codes registered with IANA.") – Joe Oct 05 '16 at 13:02