-3

I have a site with security certificate installed at www.abc.com. I am using .htaccess to redirect it to https when a request made with just http.

#RewriteCond %{SERVER_PORT} 80 
#RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

What I need is, htaccess should make an attempt to redirect only when requested with http://www.example.com or http://example.com.

It should avoid redirecting when a request is already made with https.

Jerry Jones
  • 776
  • 1
  • 13
  • 29
  • 2
    possible duplicate of [htaccess redirect to https://www](http://stackoverflow.com/questions/13977851/htaccess-redirect-to-https-www) –  Jan 23 '15 at 10:36
  • htaccess redirection is simple. What I need is it should only redirect when a request is made without https. Your link does not provide the solution for that, Mr Borr. – Jerry Jones Jan 23 '15 at 10:43
  • I don't mean to be rude, I'm genuinely curious - did you google this at all before asking? There are so many articles and tutorials on this, many on this very website.. – Dan Smith Jan 23 '15 at 11:21
  • @JerryJones that link does indeed provide a solution for redirecting *when the request isn't HTTPS*, it's the first rule in the first answer. – Jon Lin Jan 23 '15 at 15:06

1 Answers1

0
RewriteEngine On
RewriteCond %{HTTPS} !^(www\.)?on$
RewriteRule (.*)$ https://www.abc.fr/$1 [R,L]

Here is answer you need use:

RewriteCond %{HTTPS} !^(www\.)?on$
qwerBsss
  • 13
  • 5
  • Worked well but a little problem occured when requested with the folowing url: https://example.com ERROR: "This server could not prove that it is example.com; its security certificate is from www.example.com. This may be caused by a misconfiguration or an attacker intercepting your connection." – Jerry Jones Jan 23 '15 at 10:52
  • It's why you need to redirect to https://www. Read again http://stackoverflow.com/questions/13977851/htaccess-redirect-to-https-www : when you have a single site security certificate, a browser that tries to access your page without https:// www. (or whichever domain your certificate covers) will display an ugly red warning screen before it even gets to receive the redirect to the safe and correct https page. – Croises Jan 23 '15 at 10:55
  • change then RewriteCond, i edit answer: `RewriteCond %{HTTPS} !^(www\.)?on$` – qwerBsss Jan 23 '15 at 12:24
  • The `%{HTTPS}` variable will **only** be either "on" or "off", there's no www ever in that variable – Jon Lin Jan 23 '15 at 15:04