3

We have installed a SSL for our site and I have created an .htaccess with the following code:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
RewriteCond %{ENV:HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
# mobile redirect
RewriteCond %{HTTP_HOST} ^www\mobile.example\.com [NC]
RewriteCond % 
{HTTP_USER_AGENT}"android|blackberry|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
RewriteRule ^(.*)$ https://mobile.example.com/$1 [L,R=302]
</IfModule>

This code works great coming from the desktop, but the mobile part is not working. What am I missing?

MrWhite
  • 43,179
  • 8
  • 60
  • 84
Carla Rogers
  • 31
  • 2
  • Can you please fix the formatting of your code. Use three backticks to format a code block (or prefix the entire block with 4 spaces using the button on the toolbar). It looks like you have a subtle error in the mobile code block, but this could just be due to the formatting of your post as you are missing a _space_?! – MrWhite Aug 12 '21 at 16:33
  • There, that should be better. Sorry about that. – Carla Rogers Aug 12 '21 at 17:41
  • How did you get on with my answer? – MrWhite Aug 13 '21 at 13:09
  • I changed the code per your example and I received "Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request.... More information about this error may be available in the server error log" for both desktop and mobile. I am very new to coding anything in .htaccess and my host site only refers me to this site and doesn't help with determining any code. So I will be very thankful for any help. – Carla Rogers Aug 16 '21 at 00:34
  • There's nothing specifically wrong with the code in my answer that would cause a "500 Internal Server Error", unless perhaps mod_rewrite is not enabled on your server (seems unlikely and your webhost would/should have alerted you to this)?! You need to check your server's error log for the details of this error. An "Internal Server Error" is just a generic error, the actual problem could be anything. What is the URL you are requesting? If your "host site doesn't help", where did you get the `RewriteCond %{ENV:HTTPS} !=on` from? That is very host-specific. – MrWhite Aug 16 '21 at 01:32
  • The code I have I got from some links the host provided for http to https redirects:https://support.hostway.com/hc/en-us/articles/115000678970-How-to-create-an-htaccess-file-and-what-it-can-be-used-for- I thought – Carla Rogers Aug 16 '21 at 14:52
  • that this would be for all redirects, but it wasn't working for Mobiles. So they told me to put the .htaccess file into the Mobile folder, which I wasn't aware of. But it didn't change anything when I did that. – Carla Rogers Aug 16 '21 at 14:54
  • They then gave me two links for mobile: • https://stackoverflow.com/questions/3680463/mobile-redirect-using-htaccess • https://stackoverflow.com/questions/9421577/best-way-to-redirect-mobile-devices?noredirect=1&lq=1 – Carla Rogers Aug 16 '21 at 14:54
  • What I need for the .htaccess to do is redirect all traffic - desktop and mobile etc - to the new https instead of http. – Carla Rogers Aug 16 '21 at 14:56
  • Section "5. HTTP to HTTPS redirection:" in that [linked article](https://support.hostway.com/hc/en-us/articles/115000678970-How-to-create-an-htaccess-file-and-what-it-can-be-used-for-) is not only an "HTTP to HTTPS redirect" and is incorrect in its ordering (as stated in my answer). That code also includes a "front-controller pattern" (which is unrelated to HTTP to HTTPS redirection). Do you need a front-controller? "I thought that this would be for all redirects" - Yes, it is for "all redirects", it does not differentiate between desktop and mobile UA. – MrWhite Aug 19 '21 at 17:08
  • "they told me to put the .htaccess file into the Mobile folder" - You have a separate "mobile folder"? (Is this what the subdomain points to?) Do you have multiple `.htaccess` files? If you do then you can have conflicts and the above redirect will not necessarily work. – MrWhite Aug 19 '21 at 17:12
  • By the sounds of it, you may have over-complicated this following bad advice from the web host? I've updated my answer. – MrWhite Aug 19 '21 at 17:28

1 Answers1

0

...but the mobile part is not working.

You've not stated explicitly what the "mobile" part is expected to do. However, the "mobile part" in your code would seem to just be a www to non-www redirect. The HTTP to HTTPS redirect is separate to this and does not differentiate between mobile and desktop (and neither would it necessarily need to).

However, there are several issues with the directives in the "mobile part" that will prevent it from "working" (and also with the HTTP to HTTPS redirect).

  • The directives are in the wrong order. Both of the external redirects (HTTP to HTTPS and "mobile" www to non-www) should be before the internal rewrite (the first couple of rules)

  • I assume ENV:HTTPS (that references an environment variable called HTTPS) is as per instruction from your webhost. This is non-standard, although not uncommon with some shared hosts.

  • RewriteCond %{HTTP_HOST} ^www\mobile.example\.com [NC] - You are missing a dot after the www subdomain (assuming that is what you trying to match). So, this will never match. You are also missing a slash before the dot in the middle of the regex (to match a literal dot, not any character). The CondPattern should presumably read ^www\.mobile\.example\.com in order to match the www subdomain.

  • RewriteCond % {HTTP_USER_AGENT}"android|blackberry|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC] - You are missing a space after the first argument %{HTTP_USER_AGENT}<here>. Although you also appear to have an erroneous space after the %. Either way, this will fail to match. However, I would also question why you specifically need to match the mobile user-agent here? I would think you need to redirect www to non-www regardless of user-agent? Why would you permit a desktop user-agent access to www.mobile.example.com? So, this condition can perhaps be removed entirely.

  • Not a bug, but you probably don't need the <IfModule> wrapper, unless these directives are optional and you are porting the same code to multiple servers where mod_rewrite might not be available. See my answer to a related question on the Webmasters stack: https://webmasters.stackexchange.com/questions/112600/is-checking-for-mod-write-really-necessary

  • Again, not a bug, but the RewriteBase / directive in this block of code is entirely redundant.

Taking the above points into consideration, it should be written more like this:

RewriteEngine On

# HTTP to HTTPS redirect - all hosts
RewriteCond %{ENV:HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

# mobile redirect
RewriteCond %{HTTP_HOST} ^www\.mobile\.example\.com [NC]
RewriteCond %{HTTP_USER_AGENT} "android|blackberry|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
RewriteRule (.*) https://mobile.example.com/$1 [R=302,L]

# Front-controller
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

Like I said in the notes above, I question the use of the RewriteCond %{HTTP_USER_AGENT} directive to detect mobile-only user-agents. If all users should be redirected www to non-www (as it looks like they should) then simply remove this condition. This should also presumably be a 301 (permanent) redirect once you have confirmed that it works as intended.

Taking this a step further, don't you also want to canonicalise desktop clients as well? ie. Redirect www to non-www on all hosts?

This code works great coming from the desktop

Although there's no reason why this didn't work "great" from mobile either if you were requesting the conanical host, ie. https://mobile.example.com/.

UPDATE: What I need for the .htaccess to do is redirect all traffic - desktop and mobile etc - to the new https instead of HTTP.

By the sounds of it you only need a "simple" HTTP to HTTPS redirect. The "front-controller pattern" that you have seemingly copied from the webhost's article may be in error?

Try the following instead in the root .htaccess file.

RewriteEngine On

# Redirect all requests from HTTP to HTTPS on the same host
RewriteCond %{ENV:HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

You should remove all other directives and make sure there are no other .htaccess files in subdirectories.

The REQUEST_URI server variable contains the requested URL-path. This will be required, instead of using a backreference as you had initially, if your mobile subdomain points to a subdirectory off the main domain's document root (which you hint at in comments, but not stated in the question).

You must clear the browser cache before testing and test first with 302 (temporary) redirects before changing to a 301 (permanent) redirect only once you have confirmed the redirect works as intended.

MrWhite
  • 43,179
  • 8
  • 60
  • 84