How to redirect all HTTP requests to HTTPS

前端 未结 26 2177
小鲜肉
小鲜肉 2020-11-22 00:40

I\'m trying to redirect all insecure HTTP requests on my site (e.g. http://www.example.com) to HTTPS (https://www.example.com). I\'m using PHP btw.

相关标签:
26条回答
  • 2020-11-22 00:50

    To redirect all http requests to https , you can use :

    RewriteEngine on
    RewriteCond %{HTTPS} off
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R]
    

    If mod-rewrite isn't enabled and you are on apache 2.4, you can also use a Redirect inside if directive to redirect http requests to https .

    Apache 2.4.

    <if "%{HTTPS} !~ /on/">
    Redirect / https://www.example.com/
    </if>
    
    0 讨论(0)
  • 2020-11-22 00:52
     Redirect 301 / https://example.com/
    

    (worked for me when none of the above answers worked)

    Bonus:

    ServerAlias www.example.com example.com
    

    (fixed https://www.example.com not found)

    0 讨论(0)
  • 2020-11-22 00:53

    The best solution depends on your requirements. This is a summary of previously posted answers with some context added.

    If you work with the Apache web server and can change its configuration, follow the Apache documentation:

    <VirtualHost *:80>
        ServerName www.example.com
        Redirect "/" "https://www.example.com/"
    </VirtualHost>
    
    <VirtualHost *:443>
        ServerName www.example.com
        # ... SSL configuration goes here
    </VirtualHost>
    

    But you also asked if you can do it in a .htaccess file. In that case you can use Apache's RewriteEngine:

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
    

    If everything is working fine and you want browsers to remember this redirect, you can declare it as permanent by changing the last line to:

    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    

    But be careful if you may change your mind on this redirect. Browsers remember it for a very long time and won't check if it changed.

    You may not need the first line RewriteEngine On depending on the webserver configuration.

    If you look for a PHP solution, look at the $_SERVER array and the header function:

    if (!$_SERVER['HTTPS']) {
        header("Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); 
    } 
    
    0 讨论(0)
  • 2020-11-22 00:53

    take this code to you .htaccess file Redirect HTTP to HTTPS automatically

    RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    0 讨论(0)
  • 2020-11-22 00:53

    It works for me:

    <IfModule mod_rewrite.c>
     RewriteEngine On
      RewriteCond %{HTTPS} !on
      RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    </IfModule>
    

    and for example, http://server/foo?email=someone%40example.com redirects normally without any issues. The file .htaccess located in the website root folder (for example named public_html). It is possible to use RewriteCond %{SERVER_PORT} !^443$ instead RewriteCond %{HTTPS} !on

    0 讨论(0)
  • 2020-11-22 00:54

    I found out that the best way for https and www on domain is

    RewriteCond %{HTTPS} off 
    RewriteCond %{HTTPS_HOST} !^www.example.com$ [NC]
    RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301]
    
    0 讨论(0)
提交回复
热议问题