htaccess redirect not preserving protocol

Question

I have a rule set up in .htaccess to add a trailing slash, but if the host is https, this causes it to redirect via http, but I don't understand why:

# add trailing slash
RewriteCond %{REQUEST_URI} ^\/([A-Za-z0-9\-\/]*[A-Za-z0-9\-]+)$
RewriteRule .* /%1/ [R=301,L]

So, if I request https://www.example.com/some/page it triggers the rule in .htaccess to add the trailing slash, but redirects me to http://www.example.com/some/page/.

If a page is requested as https://www.example.com/some/page, why is the rule above redirecting it to http://www.example.com/some/page/?

How can I add the trailing slash while still redirecting with the correct host?

http://stackoverflow.com/questions/10489895/http-to-https-through-htaccess — caramba, Feb 23 '15 at 12:35
possible duplicate of [How do you redirect HTTPS to HTTP?](http://stackoverflow.com/questions/8371/how-do-you-redirect-https-to-http) — SO-user, Feb 23 '15 at 12:36
Your PHP code is not looking right, why do you need this if you can handle `http->https` via rewrite rules itself. — anubhava, Feb 23 '15 at 12:36
Rewrite is not redirecting `https` to `http`. If you mix redirection logic in code and rule then it will indeed cause problems like this. — anubhava, Feb 23 '15 at 13:09
@anubhava it appears to be. If I remove the rule it works fine. If I add the rule and look at network requests it redirects `https://www.example.com/some/page` to `http://www.example.com/some/page/`, so irrespective of the redirect in the code itself, the problem lies within the `.htaccess` rule — Johnny Appleseed, Feb 23 '15 at 13:26
You're totally mistaken here. Your rule is not making it `http` but it is your shown PHP that is doing it. Remove all PHP code and test it separately. — anubhava, Feb 23 '15 at 13:42
@anubhava I'm not - I see the php redirect as a separate request in the network tab, which redirects to the homepage (if you look at the php above, it redirects to the homepage, not to `/some/page`) — Johnny Appleseed, Feb 23 '15 at 13:50
If you want to waste your time in arguing it is fine but if I were you I would have tested the rules separately (without any PHP support). btw I have already tested your shown rule in my Apache (without any PHP code) and there is no `https->http` redirection. — anubhava, Feb 23 '15 at 13:54
I'm not arguing, you're adamant that my php redirect is at fault here when it's clearly not. You can see from the code I've provided, and the comments above that this cannot be the case. Thanks for helping anyway. — Johnny Appleseed, Feb 23 '15 at 13:58
I am only adamant that shown rewrite rule is not doing `https->http` conversion and I have already tested that before writing any comment. — anubhava, Feb 23 '15 at 14:00

score 1 · Answer 1 · answered Feb 23 '15 at 12:40

1

Why don't you just modify your rule to this:

RewriteCond %{REQUEST_URI} ^\/([A-Za-z0-9\-\/]*[A-Za-z0-9\-]+)$
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI}/ [R=301,L]

This would also force the use of HTTPS which is always a good thing. : )

answered Feb 23 '15 at 12:40

Itay Grudev

7,055
4
54
86

because the code/htaccess is shared by numerous sites, some of which need to be served via `https`, some `http` – Johnny Appleseed Feb 23 '15 at 12:45
You can put it on the subdirectory responsible for the specific website. – Itay Grudev Feb 23 '15 at 12:50
It's not really a feasable solution. There are maybe 10 sites which are served via https, that'd mean adding and maintaing 10 separate `.htaccess` files. I don't understand why the rule is redirecting `https` to `http` – Johnny Appleseed Feb 23 '15 at 12:55

htaccess redirect not preserving protocol

1 Answers1