apache htaccess doesnt add https://www to any page except inside.php

Question

We have a client's site that is currently on our development server. We are having some issues formatting the .htaccess file. Currently, the htaccess file is causing a redirect to https://www. only on inside.php. Our goal is to make every page redirect to use https://www.. We are currently using a base url set-up in our header.php file that is included on every page. Unsure if there is a better way to accomplish what we are trying to do, but if there is any help would be appreciated.

Here is the current contents of our .htaccess file.

RewriteEngine on

#enables you to access PHP files with HTML extension
AddType application/x-httpd-ea-php70 .html .htm

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d [OR]
RewriteCond %{REQUEST_FILENAME} -l
RewriteRule ^ - [L]

#forces https://
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

#forces www
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


RewriteRule ^physicians(/((([a-zA-Z0-9_-]+)/?)*))?$    physicians.php?link=$2    [NC,L]

RewriteRule ^((([a-zA-Z0-9_-]+)/?)*)$ inside.php?page=$1


ErrorDocument 404 /inside.php

Since this is a new page we can assume you are using a current http server version. That means you should prefer the `END` flag over the `L` flag. — arkascha, May 02 '17 at 14:05
If this is a page on a development server and something you develop for a paying customer then I would expect that you are in control of the http server configuration. In that case: why use a dynamic configuration file at all instead of the real server configuration? Those files are notoriously error prone, hard to debug and they slow down the server for nothing. — arkascha, May 02 '17 at 14:07
You block any rewriting in case the request targets an existing file, folder or link in the physical file system. That way no redirection to https and www can be applied. You will have to swap the order of the rule groups. — arkascha, May 02 '17 at 14:09
What would you suggest to reorder them to because I do not know htaccess very well — Yeoj, May 02 '17 at 14:22
Do you have to do everything in .htaccess or do you have access to the actual apache virtual host configuration? There's a much more efficient way of doing it using apache configs. — Aleks G, May 02 '17 at 14:28

score 2 · Accepted Answer · edited May 23 '17 at 11:47

You exit early, when the request is for a real file, directory or symbolic link

RewriteRule ^ - [L]

Only after this rule, requests are redirected to https://www.. To redirect all requests to https://www., move the rules to the beginning, e.g.

#forces www
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R]

#forces https://
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R]

# all other rules come here
# ...

I also moved the non-www part to the front, because otherwise you have two redirects, if the original request is for http://example.com.

Never test with R=301!

apache htaccess doesnt add https://www to any page except inside.php

1 Answers1