htaccess : redirection all subdomain to main https www domain

Question

i'm stuck using htaccess redirection, mixing some answers [1] [2] about htaccess redirection.

My goal is to redirect every subdomain (not www) to my main one ( starting with https://www. ), keeping the Request_URI (like specified folder) as it is.

Here is what i've done:

RewriteEngine On

RewriteCond %{HTTP_HOST} ^(.+)\.mydomain\.fr$ [NC]
# OR : RewriteCond .* ^(.+)\.%{HTTP_HOST}%{REQUEST_URI}$   [NC]

RewriteCond %{HTTP_HOST} !^www\.mydomain\.fr$  [NC]
RewriteRule ^ https://www.mydomain.fr%{REQUEST_URI} [L,R=301,QSA]

This config do redirect (strong text are bad redirection) :

test.mydomain.fr => https://www.mydomain.fr
test.mydomain.fr/foo => https://www.mydomain.fr/foo
mydomain.fr => https://www.mydomain.fr
https://foo.mydomain.fr => https://foo.mydomain.fr
www.mydomain.fr => http://www.mydomain.fr

Swapping RewriteCond %{HTTP_HOST} !^www\.mydomain\.fr$ [NC]

to

RewriteCond %{HTTP_HOST} !^https://www\.mydomain\.fr [NC] gave me an error of bad redirection. My thoughts was to check if the HTTP_HOST is in format https://www.mydomain, if not redirect to the good URL with REQUEST info RewriteRule ^ https://www.mydomain.fr/%{REQUEST_URI}

Why is there a bad redirection ? Do I have to write 2 set of Condition and Rule to check first the subdomain, then the HTTPS ? (I'm currently trying to make the redirection using one rule and several conditions, this may not be the best practice)

EDIT : My goal is to have these redirection:

test.mydomain.fr => https://www.mydomain.fr
test.mydomain.fr/foo => https://www.mydomain.fr/foo
mydomain.fr => https://www.mydomain.fr
https://foo.mydomain.fr => https://www.mydomain.fr
www.mydomain.fr => https://www.mydomain.fr

Thanks in advance for any answers/ideas.

EDIT 2:

I've tried the Larzan answer on THIS question, and it seems to do what i want except one thing : If my URL in my browser is something like https://foobar.mydomain.fr, the browser shows me a big red warning about security, and i have to accept the risk, then the redirection is done to https://www.mydomain.fr. How can i removed this warning ?

#First rewrite any request to the wrong domain to use the correct one (here www.)
RewriteCond %{HTTP_HOST} !^www\.mydomain
RewriteRule ^(.*)$ https://www.mydomain.fr%{REQUEST_URI} [L,R=301]

#Now, rewrite to HTTPS:
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

What does `https://foo.mydomain.fr => https://foo.mydomain.fr` mean? Both URLs are the same, nothing happens? — Dusan Bajic, Dec 07 '16 at 14:48
I've edited my question to add what redirection i want. @DusanBajic : I would like to suppress the subdomain foo. — Marcassin, Dec 07 '16 at 15:55
http://stackoverflow.com/questions/37286178/old-https-causing-issues-in-htaccess-redirect/37286822#37286822 , you need to have wildcard certificate — Dusan Bajic, Dec 08 '16 at 08:32
Okay, so i need few more steps to achieve what I want. Thank you for that answer ! — Marcassin, Dec 08 '16 at 10:17

score 0 · Accepted Answer · answered Dec 07 '16 at 18:13

0

Replace both of your rules with this single rule:

RewriteEngine On

RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\.mydomain\.fr$  [NC]
RewriteRule ^ https://www.mydomain.fr%{REQUEST_URI} [L,R=301,NE]

Test the change after completely clearing your browser cache.

answered Dec 07 '16 at 18:13

anubhava

761,203
64
569
643

Hi, this solution fix the redirection `www.mydomain.fr` => `https://www.mydomain.fr`, but if i enter in my explorer : `https://foobar.domain.fr` the URL is still the same. The entered URL doesnt start with a www, so it should be accepted for redirection. but it seems not. "www" != "foobar" why Apache doesn't see that ? Thank you – Marcassin Dec 07 '16 at 22:57
This rule should work for subdomains as well but subdomain should point to same directory as the DocumentRoot of main domain. – anubhava Dec 08 '16 at 03:12
Is there any way to redirect every subdomain (wildcard) ? so no directory declartion for subdomain, only for main domain. (cf EDIT 2). Thanks – Marcassin Dec 08 '16 at 07:07
1

ok so now your query is `How can i remove SSL cert warning` Unfortunately answer is you cannot. Reason is that SSL handshake with browser happens before Apache loads any module to redirect/rewrite. Since your SSL cert is for main domain hence visiting `https://foobar.maindomain.fr` throws this warning. Only way to avoid this warning is by using a wildcard SSL cert which is usually expensive than regular SSL cert for a single domain. btw the rules in your EDIT section are doing exactly same as what my single redirect rule is doing. – anubhava Dec 08 '16 at 12:54
Thanks you for your answer, i'm gonna accept it because it make all redirection i want, and you explained why i can't for the SSL subdomain. Thanks The only difference is that `https://foobar.maindomain.fr`didn't make any redirection after the SSL warning with your solution, even accepting the risk. (i've made several test, with no cache, but i'm gonna test again). – Marcassin Dec 08 '16 at 16:21
Due to presence of `[OR]` in first condition it will redirect if either of 2 conditions are true. For the case of `https://foobar.maindomain.fr` second condition will be true hence redirection should happen. – anubhava Dec 08 '16 at 16:23

htaccess : redirection all subdomain to main https www domain

1 Answers1