开发者

How to redirect https://www.example.com to https://example.com

I have looked around and I can't seem to find a definitive solution for this. We are having a small problem with a few or our visitors that are typing in our domain as such:

https://www.example.com - This is giving a security warning "There is a problem with this website's security开发者_C百科 certificate."

We have an SSL set up for example.com

So if someone types in http://www.example.com or www.example.com this gets redirected to https://example.com which works fine.

This is what I have currently have in my .htaccess file:

Options +FollowSymLinks 
RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteCond %{SERVER_PORT} !^443$ [OR]
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^www\.(.*) [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,NC,L]


edit:

Most SSL certificates are issued for a specific hostname, e.g. www.example.com or just example.com (and there can be wildcard certificates for *.example.com too) so this might be the case.

Maybe making the www. subdomain an optional match in the last RewriteCond might help to get the user to the domain stated in the certificate:

RewriteCond %{HTTP_HOST} ^(?:www\.)?(.*) [NC]


I think the problem is not with the rewrite/redirect rules but simply with the way http servers handle ssl connection. Before even server has a chance to look into rewrite/redirect rules the SSL handshake take place and if we have a cert for example.com and we enter URL www.example.com connection will abort due to invalid certificate. Check for yourself, set up redirect condition to point URL www.example.com to example.com on SSL secured domain. At first you'll get invalid cert error, but when you add an exception to your browser you'll notice that it works.


Try this

RewriteCond %{HTTP_HOST} ^[a-z0-9-]+\.[a-z]+$
RewriteRule !"" https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NC]

instead of

RewriteCond %{HTTP_HOST} ^www\.(.*) [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,NC,L]


What you are trying to do is impossible. If a user accesses www.domain.cc over SSL, then you will get a certificate error if you do not have a valid SSL certificate - even if all you want to do is redirect them to the correct site.

You will either need a new certificate for www.domain.cc, or convince your registrar to give you a wildcard certificate for *.domain.cc, or one with multiple subjectAltName properties. See http://www.crsr.net/Notes/Apache-HTTPS-virtual-host.html

Or ask for SNA http://en.wikipedia.org/wiki/Server_Name_Indication


Firstly, you will need an SSL certificate that covers both www.xxxx.yyy and xxxx.yyy. Your provider may cover both if you get the cert for www.xxxx.yyy, but only the xxxx.yyy if you get it for that. Read their conditions carefully.

I had read so many suggestions as to how to redirect, with all manner of ad-hoc opinions, with varying results, and mostly without any formal explanation.

Of course, that means going to the Apache .htaccess reference and working from first principles was in order.

Just to reiterate, the main requirement is to redirect all http(s) requests to https://xxxx.yyy.

As always, turn the rewrite engine on:

RewriteEngine On

For http, that is:

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://xxx.yyy/$1 [L,R]

However, doing the same for https (port = 443), will force a loop, which bombs out with an error. We have to restrict the process to only working for the https and www. We do this by providing two RewriteCond statements in a row, which are treated as an implicit AND:

RewriteCond %{SERVER_PORT} 443
RewriteCond %{HTTP_HOST} ^www[.].+$
RewriteRule ^(.*)$ https://xxxx.yyy/$1 [L,R]

At the end of the RewriteRule, the [L,R] tells the rewrite engine to:

  1. L = stop at that rule. That is, if a rule is executed because its conditions (RewriteCond) were satisfied, stop when done, else go to the next conditions/rule set.
  2. R = issue a HTTP redirect (default code = 302) to the browser, so user or automatic action can be taken to update bookmarks, so they always use the https://xxxx.yyy in future.
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜