15

Firstly, I would like to remove the www. from my domain name

http://www.example.com => http://example.com

I would also like for certain directories to be secure (https), while the rest remain http

http://example.com/login => https://example.com/login

Obviously it needs to work for all conditions, for example if someone types in:

http://www.example.com/login => https://example.com/login

Also when people navigate away from the login page it returns to http. Currently in the .htaccess is the following which is done automatically by the software I am using and I suppose needs to be there for it to work:

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* ./index.php

Any ideas on how I can achieve dream control all these things?

Thanks in advance!

===================

@Gumbo Following your advice this is my complete .htaccess

RewriteEngine On


# remove www from host
RewriteCond %{HTTP_HOST} ^www\.(.+)
RewriteCond %{HTTPS}s/%1 ^(on(s)|offs)/(.+)
RewriteRule ^ http%2://%3%{REQUEST_URI} [L,R=301]

# force HTTPS
RewriteCond %{HTTPS} =off
RewriteRule ^(login)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# force HTTP
RewriteCond %{HTTPS} =on
RewriteRule !^(login)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* ./index.php


Options -Indexes

Navigating to http://example/login still goes to http://example/index.php when it should go to https://example/login Do I have the order wrong?

BiscuitBaker
  • 1,421
  • 3
  • 23
  • 37
Anthony
  • 657
  • 2
  • 10
  • 21

4 Answers4

33

Try these rules:

# remove www from host
RewriteCond %{HTTP_HOST} ^www\.(.+)
RewriteCond %{HTTPS}s/%1 ^(on(s)|offs)/(.+)
RewriteRule ^ http%2://%3%{REQUEST_URI} [L,R=301]

# force HTTPS
RewriteCond %{HTTPS} =off
RewriteRule ^(login|foo|bar|…)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# force HTTP
RewriteCond %{HTTPS} =on
RewriteRule !^(login|foo|bar|…)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

You also might want to add some additional conditions to only change the protocol on GET and HEAD requests but not on POST requests.

Gumbo
  • 643,351
  • 109
  • 780
  • 844
  • Guten Tag Gumbo! OK I think we are getting somewhere. With these rules as above, including the one originally in .htaccess, removing the www. works in all cases. However navigating to http:// mydomain.com/login it goes to http:// mydomain/index.php – Anthony Nov 17 '10 at 11:24
  • @Anthony: As a general rule, put those rules that cause an external redirect in front of those rules that just cause an internal rewrite. Otherwise you can get requests externally redirected that were already rewritten internally. – Gumbo Nov 17 '10 at 12:14
  • I have edited my original post to give you a better idea of what I am working with. – Anthony Nov 17 '10 at 18:02
  • @Gumbo The first part ("remove www from host") will work on any domain without changing the .htaccess? And it will also strip www from http and https requests? – AlexV Jul 21 '11 at 19:47
  • @Gumbo Wow that's great :) First time I see a solution that takes HTTP and HTTPS in consideration and without having to "hardcode" the domain name. – AlexV Jul 22 '11 at 17:27
  • @Gumbo Just a quick question: on the 3rd line is the space between ^ and http%2 is required or we can delete it? – AlexV Jul 23 '11 at 13:59
  • @AlexV: It is required. `^` is the *Pattern* and `http%2://…` the *Substitution*. `^` simply matches any string. – Gumbo Jul 23 '11 at 14:01
  • @Gumbo Maybe you can help me [here](http://serverfault.com/questions/300089/how-to-prevent-hot-linking-image-theft-bandwidth-theft-of-ressources-on-m) if you have time :) – AlexV Aug 11 '11 at 13:54
  • Will this redirect twice for a URL that needs "www" remove and "http" changed to "https"? – showdev Dec 16 '16 at 23:14
6

This code works for me:

<IfModule mod_rewrite.c>

   RewriteEngine on

   RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
   RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

   RewriteCond %{HTTPS} !=on
   RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

</IfModule>
Aleksandar Pavić
  • 3,143
  • 1
  • 34
  • 36
0

After reading this all post time line i have get success for following error: My website(c4dprime.com) was attached https: in mozilla firefox browser. Google and internet explore are show domain address as http: (The real problem in firefox) I did not want https: for my domain in any browser because one unknow redirect attached with my domain by https: (Cause for this error)after Installing following plugins in wordpress,(Easy redirect for ssl).... I have told to every one do not use any low level plugins for wordpress.

Anyway! After reading many articles and tutorials at this topic via google search engine. Now i am happy to say i have solve this problem from this post tips. Remember one thing about me i am new to in this form and wordpress.

This tip is help full for me 

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{HTTP_HOST} ^www\.yoursite\.com$ [NC]
RewriteRule ^(.*)$ http://yoursite.com/$1 [L,R=301]

After edit or some changes in my .htaccess file following code i have use now with solved this error. 

AddHandler c4d-prime .com

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteBase /
RewriteRule ^$ http://www.c4dprime.com/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress
gevorg
  • 4,835
  • 4
  • 35
  • 52
Shahid Abbas Saher
  • 1
  • 2
0

remove www (tested):

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{HTTP_HOST} ^www\.yoursite\.com$ [NC]
RewriteRule ^(.*)$ http://yoursite.com/$1 [L,R=301]

redirect (not tested):

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{THE_REQUEST} \/login/?.*\ HTTP [NC]
RewriteRule ^(.*)$ https://yoursite.com/login [L,R=301]
Ran Bar-Zik
  • 1,227
  • 9
  • 14