0

I have a strange problem with my domains in search engines:

I am owning several domains, let's say:

example.com
example.net
example.org

All domains are pointing to my server, that's why I added a redirect on top of the httpd.conf file to prevent doublicated content:

RewriteCond %{HTTP_HOST} !^example\.com$
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]

It's working well for the users.

Since I got a ssl-certificate for the .com domain, I am redirecting all users to the https version:

RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI}

Working also well for the users.

Now the strange problem: For some reason, sometimes search engines are listing https://example.net/apage.php and since I got no ssl-certificate for the .net (and .org) domain, when visitors are clickling these results in search engines, they will get a browser warning that the connection to the website is not secure. This is very confusing and I couldn't find a way to redirect visitors to the correct .com domain before the browser warning appears.

Do you got an idea to solve this problem with a mod_rewrite condition or any work around?

lickmycode
  • 2,069
  • 2
  • 19
  • 20

2 Answers2

0

mod_rewrite works by sending a redirect to the browser, so that it has to first reach the server. The warning showed by browser happens before this.

Maybe you can buy a multiple domain SSL certificate.

If not, you can make the legitimate search bots not to crawl the .net and .org versions of your site. Maybe by including a robots.txt file only for these domains, like the one described here: Stop Google from indexing

Community
  • 1
  • 1
Alexandru Marina
  • 906
  • 5
  • 9
  • What I don't understand, why it isn't redirecting already when the domain ending is not .com, regardless if a https request or not. – lickmycode Jul 15 '16 at 17:52
0

This set of rewrites redirect whatever Host the client has used with the uri it has used to the same url in https:

RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI}

So anyone requesting http://example.net/something passing through those will end up in https://example.net/something. If at all your other set of rewrites would be the one neccesary.

In any case using mod_rewrite for such simple redirections is just complicating things unnecessarily and certainly checking if HTTPS is off in a non-SSL virtualhost is redundant.

The correct way of redirecting to only end up with example.com in https:

NamedVirtualHost *:80 <-- use this for more vh's present and if this is 2.2.x
<VirtualHost *:80>
ServerName example.net
ServerAlias example.org
Redirect / https://example.com/
</VirtualHost>
  • If there is content in example.com for port 80 you want to serve you just add another virtualhost entry for that ServerName, or otherwise just add another ServerAlias for example.com in the previous virtualhost.

Then:

<VirtualHost *:443>
ServerName example.com
#.....other directives here
</VirtualHost>

This way there is no possible mistake made that would take any Hostname other than example.com to be requested as https.

All without the need of convoluted rewrites which are not necessary.

Daniel Ferradal
  • 2,727
  • 1
  • 13
  • 19