How do i force redirect to secure domain with htaccess

Question

When a request comes to my website from insecure http://, i want it to get redirected to https://.

My root directory has both html and php files in it. Based on request path i will decide whether to serve HTML or PHP file.

Below is my existing .htaccess file.

RewriteEngine On
RewriteRule "^(news_[^.]+|faq|terms|get).*" "$1.php" [NC,L]

the above configuration works fine for serving files from both secure and insecure domains.

But when i try to force SSL by changing the above configuration

RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} =""
RewriteCond %{HTTPS} !=on
# # Redirect to https version
RewriteRule ^get$ "https://example.com/get.php" [L]
RewriteRule ^faq$ "https://example.com/faq.php" [L]
RewriteRule ^terms$ "https://example.com/terms.php" [L]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

It is forcing SSL for all the html pages that is being served from the directory. But the /get, /faq , /terms are getting a request timeout.

How do i fix it ? Where am i doing it wrong ?

Regardless you should consider serving all requests via https. My site uses the htaccess as given below — Vipin Mohan, Jan 12 '18 at 01:13

score 1 · Accepted Answer · answered Jan 12 '18 at 01:09

RewriteEngine On
### WWW & HTTPS# ensure www.
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# ensure https
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
### WWW & HTTPS

This should do it. Edit your .htaccess to reflect the same and place it in root.

How do i force redirect to secure domain with htaccess

1 Answers1