How to combine two .htaccess re-directs?

Question

In my MVC application, I'm directing all of my requests to my index.php file using an .htaccess file. In addition, I'd like to enforce SSL. Using this post, I've added '#enforce https' code . However, when I add the code to my .htaccess file, my browser complains that it will be unable to complete the request. How can I have both rewrite rules in the same file?

RewriteEngine On

#redirect to index.php as appropriate
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-l

RewriteRule ^(.+)$ index.php?url=$1 [QSA,L]

#enforce https
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

score 2 · Accepted Answer · answered Aug 12 '15 at 03:23

The rule that rewrites to index.php has a regex: ^(.+)$, which matches everything. That includes anything you want to redirect. You need to have your redirect rules before your routing rules. Additionally, you need to make sure the nothing in index.php will redirect the browser back to non-SSL:

RewriteEngine On

#enforce https
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

#redirect to index.php as appropriate
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-l

RewriteRule ^(.+)$ index.php?url=$1 [QSA,L]

That makes sense. I actually had originally put my code in the order that you presented but neglected to check that nothing in index.php would direct back to non-SSL. — Eric, Aug 12 '15 at 13:44

How to combine two .htaccess re-directs?

1 Answers1