0

I'm trying to force non-www + https in .htaccess on an AWS EC2 instance.

While there is an abundance of apparently working solutions right here on StackOverflow, all of those only produce redirect loops for me.

I get a redirect loop when I try this rule:

RewriteEngine on
#RewriteCond %{HTTP_HOST} ^(www\.)(.+) [OR]
#RewriteCond %{HTTPS} off
#RewriteCond %{HTTP_HOST} ^(www\.)?(.+)
#RewriteRule ^ https://%2%{REQUEST_URI} [R=301,L]

(via Force non-www and https via htaccess)

Same for this one:

RewriteEngine on
#RewriteCond %{HTTP_HOST} !^domain.com$ [NC]
#RewriteRule ^(.*)$ https://domain.com/$1 [L,R=301]

#RewriteCond %{HTTPS} off
#RewriteRule ^(.*)$ https://domain.com/$1 [R,L]

Both seem to work for the respective OP, and as indicated by some of the comments, they work for others too.

I have the following VirtualHosts set up in my httpd.conf:

NameVirtualHost *:80
Listen 8443
NameVirtualHost *:8443

<VirtualHost *:80 *:8443>
    ServerAdmin webmaster@domain.com
    DocumentRoot /var/www/domain.com
    ServerName domain.com
    ServerAlias *.domain.com
    ErrorLog logs/domain.com-error_log
    CustomLog logs/domain.com-access_log common
</VirtualHost>

For context: The :8443 port receives traffic from an AWS ELB (load balancer) which routes :443 SSL requests to this particular port, because the SSL certificate is installed on the load balancer itself.

What could be the issue for the redirect loops?

Community
  • 1
  • 1
bobsoap
  • 4,844
  • 7
  • 30
  • 43

2 Answers2

1

Behind the load balancer you have to handle things differently. You won't be checking for https in the normal way because of the SSL Offloading with your LB. You would need to check the X-Forwarded-Proto

Try these rules and see how they work. 

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{SERVER_NAME} ^(www\.)?(.*)$ [NC]
RewriteRule ^.*$ https://%2%{REQUEST_URI} [R=301,L]
Panama Jack
  • 24,158
  • 10
  • 63
  • 95
  • Duh - you're absolutely right, of course. Your code works for https, but it still produces redirect loops for www.domain.com... I need to rewrite everything to non-www. Any idea? – bobsoap Jun 18 '15 at 20:08
  • @bobsoap give this update a try and clear your cache. – Panama Jack Jun 18 '15 at 20:17
  • Thanks a lot Panama Jack, this worked! I had to tweak the health check settings a bit because they were causing 503 errors - not sure why though. It seems to be running smoothly now. – bobsoap Jun 18 '15 at 21:14
1

To avoid redirect loop you can use this rule:

RewriteEngine On

RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=302,L,NE]

Make sure to clear your browser cache before testing this.

anubhava
  • 761,203
  • 64
  • 569
  • 643