WWW to NON WWW Urls (Remove WWW) using Apache (.htaccess)

Question

I have to redirect my website from https://www.example.com/ to https://website.com/.

SSL is properly installed on my server.

I am using Apache and have to do this using Apache (either httpd.conf/ssl.conf or .htaccess)

I have used almost all of the methods I could search for but none of them work for me.

http://www.example.com/ redirects properly to https://example.com/
http://example.com/ redirects properly to https://example.com/.

But

https://www.example.com/ does not redirect properly to https://example.com/.

It gives me "invalid certificate error" and when I add an exception (accept the certificate) in the browser then it redirects to https://example.com/. But I don't want to add this exception (adding the certificate in the browser).

Please note that my SSL certificate is issued for example.com and not www.example.com.

Following are my .htaccess rules and conditions

RewriteEngine On

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://{REQUEST_URI} [L,R=301]

RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1%{REQUEST_URI} [R=301,QSA,NC,L]

I have used the following too but these didn't work either:

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^example.com$ [NC]
RewriteRule ^(.*)$ https://example.com/$1 [L,R=301]

Used this as well but no luck

RewriteEngine On
RewriteCond %{HTTP_HOST} !^example.com$ [NC]
RewriteRule ^(.*)$ https://example.com/$1 [L,R=301]

No luck with this too

RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.
RewriteRule ^(.*)$ http://example.com/$1 [R=301,L]

I have tried 5-6 other solutions (similar to above) but none worked. All work for the first two patterns I mentioned above but none work for https://www.

Note that these conditions of .htaccess are reached, I mean .htaccess is not being ignored. I have verified this using redirects and also the two patterns mentioned above are working as well.

In httpd.conf/ssl.conf the AllowOverride directive is set to All.

I have access to httpd.conf/ssl.conf.

PHP Version 5.5.29

Apache 2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.5.29

Hostname:Port example.com:443

Last but not least my website https://example.com/ does not open in Internet Explorer and Safari and give certificate issues (errors) but when I check my domain using SSL checkers (multiple) then all SSL checkers mentions that SSL is properly installed.

Check this image, this will explain things better:

Complete .htaccess is given below:

Options +FollowSymlinks 
DirectoryIndex index.html Home.php index.php

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)
RewriteRule ^.*$ https://%1/$1 [R=301,L]

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://{REQUEST_URI} [L,R=301]

RewriteRule ^(blogs)($|/) - [L]
RewriteRule ^(.*)/$ index.php?mod=resturants&name=$1&%{QUERY_STRING} [L]
RewriteRule ^$ Home.php [L]
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_URI} /+[^\.]+$
RewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]
</IfModule>

@hjpotter92 what thing? Please mention in detail, I am not good enough with this stuff. — Gulfam, Oct 09 '15 at 14:45
Check the image, if this may help you http://i.imgur.com/lOy65rs.jpg — Gulfam, Oct 09 '15 at 15:59
No luck :( Same issue. If you have time please read my conversation with Rizwan Ranjha below and check this image. Website do not work in IE and Safari, i.imgur.com/lOy65rs.jpg — Gulfam, Oct 09 '15 at 16:19

score 3 · Accepted Answer · answered Oct 09 '15 at 19:13

Please note that my SSL certificate is issued for website.com and not www.website.com.

That is your main problem. You are never going to be able to redirect from www to non www without a valid certificate for www. The reason is the connection is handled first before the web server processes anything else including any rewrite rules. So when your browser connects to your site using the https protocol, it has to check for a valid certificate because that's the very nature of SSL to make sure the connection is secure. Then once that is done, Apache will process web server rules that you have in place like rewrites. So it can't rewrite from www to non www until the connection is completed correctly. In order for that to happen you also need a certificate for www as well. The rewrite rules are not the problem.

This topic comes up quite frequently and there is no way around it. That's the nature of SSL/encryption and how it works.

When buying a cert, try not buying just the domain name, because some CA's will only give you that without www. But if you use www.example.com in your CSR you will get both www.example.com and example.com in the same certificate 99% of the time. Then you won't have to worry about this issue. They are stupid cheap so it shouldn't be an issue to get another one. SSls.com has them for 4.99/yr.

I have asked for www.website.com certificate but why **http : // www.website.com/** and **http : // website.com/** are successfully redirecting to **https : // website.com**? — Gulfam, Oct 11 '15 at 06:34

score -1 · Answer 2 · edited May 23 '17 at 12:14

-1

Did you Try this ?

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)
RewriteRule ^.*$ https://%1/$1 [R=301,L]

Generic htaccess redirect www to non-www

edited May 23 '17 at 12:14

Community

1
1

answered Oct 09 '15 at 14:08

Rizwan Ranjha

380
3
4
16

Same issue (error) which I explained in post. **This Connection is Untrusted** with https :// www,domain.com/ whereas it should had been redirected to https://domain.com/ – Gulfam Oct 09 '15 at 15:15
does your SSL certificate cover both www and non www as it seems than its issue of SSL not redirecting. – Rizwan Ranjha Oct 09 '15 at 15:18
1

NO, SSL covers only domain.com and not the www.domain.com, this is the reason I am trying to redirect everything to domain.com – Gulfam Oct 09 '15 at 15:19
Hi, I have update the answer, please check again and paste this in start of the .htaccess – Rizwan Ranjha Oct 09 '15 at 15:24
No luck :( Same issue. If there is anything that can I do in httpd.conf or ssl.conf? – Gulfam Oct 09 '15 at 15:26
if you do manually https://domain.com , does it working fine? If Yes , then only issue is with redirect. – Rizwan Ranjha Oct 09 '15 at 15:33
IE and Safari are not opening domain.com at all, Firefox and Chrome opens the website (https) but may be do not accept the certificate fully. Check this photo this will explain things better to you. http://i.imgur.com/lOy65rs.jpg – Gulfam Oct 09 '15 at 15:57
better to post your .htaccess (complete) – Rizwan Ranjha Oct 09 '15 at 16:06
I have updated the post and have added the complete .htaccess – Gulfam Oct 09 '15 at 16:15

WWW to NON WWW Urls (Remove WWW) using Apache (.htaccess)

2 Answers2

Linked