How to Write Redirect Rules for HTTP to HTTPS in Apache using .htacess

-

HTTP vs HTTPS

HTTP (HyperText Transfer Protocol) is the most basic and known protocol (a standard set of rules) used to transfer data from a web server to a browser. It allows communication between different systems.
HTTPS is HTTP with encryption i.e it uses encryption (TLS/SSL) to make HTTP requests more secure while transferring the data from a web server to a browser or vice-versa. 

 So there are benefits of using HTTPS for your website:
1. It makes your website more secure against data theft.
2. It also improves your SEO rank.

 So now let's learn how we can direct a website from HTTP to HTTPS.
First, make sure you have generated and integrated SSL certificate for your website and the Rewrite module is enabled on your hosting server. so that your website can work on HTTPS without any trouble.

After applying the SSL certificate our website can be accessed via HTTP or HTTPS. But per above after knowing the benefits of HTTPS we need redirect HTTP to HTTPS.

Re-write Rules

Here is I assume that you are a bit aware of setting basic apache settings via .htaccess file, like - rewrite rules, updating memory size, etc.
Here we will only talk about re-write rules for apache. Basically, re-write rules have 2 parts - RewriteCond i.e. condition for action to be in-effect and RewriteRule i.e. the action itself.
The condition can be simple (only one RewriteCond ) or can be complex (having multiple RewriteCond ) combined with logical operator `AND`(default and option to write) and `OR`.

Redirect HTTP to HTTPS for Domain

To redirect from HTTP to HTTPS we simply need to have 2 conditions and 1 Rule as below:

 RewriteCond %{HTTPS} off

RewriteCond %{HTTP_HOST} ^yourdomain.com$
RewriteRule ^(.*)$ https://yourdomain.com/$1 [QSA,L,R=301]

 First condition checks if HTTPS is off i.e. if the incoming request is over HTTP only.
Second condition checks if the request for your HOST domain.

If both the conditions result in TRUE the rule will be in action and it redirects all the requests over HTTPS.

Redirect HTTP to HTTPS for Domain with Sub-Domains

To redirect from HTTP to HTTPS for a domain with Sub-Domain you have added 1 additional Condition and little update in Rule which we have done in case of simple domain. i.e.

RewriteCond %{HTTP_HOST} ^((.+)\.)?yourdomain.com$

The above condition checks if the incoming request is for any sub-domain of your domain of any character(using regex ``).
Now update your Rewrite Rule to include subdomain part by adding `%1`(which will take regex matching part i.e. subdomain) while redirecting to HTTPS as:

RewriteRule ^(.*) https://%1.yourdomain.com/$1 [QSA,L,R=301]

So complete Rewrite Rule block will look like:
 
RewriteCond %{HTTPS} off

RewriteCond %{HTTP_HOST} ^yourdomain.com$
RewriteCond %{HTTP_HOST} ^((.+)\.)?yourdomain.com$
RewriteRule ^(.*) https://%1.yourdomain.com/$1 [QSA,L,R=301]

 Here one thing to note here, in .htacess we can access any server global variable like - HTTP_HOST, REQUEST_URI, HTTP, etc.
Location: Chandigarh, India
A man with small desires, likes things in simple conditions, loves god creation, feels pleasure to help someone needy.
Professional: Software Developer (PHP) (5+ yrs) with good hands in latest technologies and Frameworks like Laravel Cakephp 3, CodeIgniter, Wordpress, Core PHP, MySQL, PgSql, jQuery.

Comments

Post a Comment

Popular posts from this blog

Using Virtual Columns in Laravel - Accessors and Appends

-
What are virtual columns?  While developing any web application sometimes we need virtual columns - columns don't actually exist in our DB table, but we drive them from other columns. Why we need them? For example, generally, we use first_name and last_name  in the  users table. But sometimes we also need user's complete name i.e. full_name . There is no benefit of saving full_name in user table if we have already first_name and last_name in the table OR even if we have full_name  as a column in our table then there is no benefit of saving first_name and last_name in the table. So in a scenario like this, we prefer to use the virtual column. Using Virtual Columns in Laravel Considering the first case, in Laravel to get virtual column i.e.  full_name  from the users table will have Accessors. Accessors are methods defined automatically called by Eloquent when select is called on that particular column. Let take an example here: To get full_...
Read more

How to Show Cookie Policy Consent or GDPR Popup in Laravel using Cookie.

-
Cookie in Laravel You can use the cookie in Laravel using the Helper method ` cookie() ` or method available with Request/Response Object or `Cookie` facade. $request->cookie('name'); OR use Illuminate\Support\Facades\Cookie; Cookie::get('name'); To get more clarity on how to use the cookie in Laravel with an example to show cookie consent popup on your Laravel website and hide/remove it once you accept the policy. Cookie Policy Consent Popup in Laravel First, create and a Cookie Consent popup as notification to the footer section of your Laravel main blade template file.  <div class="cookies-block">         <h5>This website uses cookies</h5>         <p>We use cookies to improve your experience and deliver personalised content. By using this website, you agree to our <a href="javascript:void()">Cookie Policy</a>.</p>         ...
Read more

Postman Collection Run - How to Test File Uploading API on CircleCi or Jenkins

-
Image
From last couple of days,  I was doing R&D on how we can test file uploading API on CircleCi or Postman collection Run? Finally, I found a way to test the File uploading APIs using the Postman Desktop app  OR Postman CLI collection run. I have also tested this solution, even on CircleCi for running the automated testing postman APIs by Postman CLI collection run. Here is step by step process, how you can test the file uploading API on CircleCi or Postman collection Run? Local Desktop App settings: Open and go to Local Postman app settings -> General Set working directly location  ( default is postman installation directory but can also choose any other directory ) Place files (to use in file upload APIs during the collection run) in the working directory selected as in the above step and also in the root directory of your project. Now go to the API in which you need to upload a file, and select the file from the working directory selected in step 2. Save that ...
Read more