Force SSL/HTTPS with mod_rewrite

mod-rewrite redirect ssl https
RSN picture RSN · Aug 25, 2009 · Viewed 19k times · Source

I have a Zend Framework application that I want to force into HTTPS using mod_rewrite. I am pretty lost when it comes to mod_rewrite. Here is my current .htaccess file in the root of my application.

RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-s
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule !\.(html|htm|php|js|ico|gif|jpg|png|css|csv)$ /subdir/index.php

What is the best way to force the application into HTTPS based on what I have? I have tried a couple of the examples I found on here, but I keep getting redirect loops or internal server errors when I try them.

Thanks for your help!

Answer

raphinesse picture raphinesse · Dec 3, 2015

The following solution works for both proxied and unproxied servers. So if you are using CloudFlare, AWS Elastic Load Balancing, Heroku, OpenShift or any other Cloud/PaaS solution and you are experiencing redirect loops with normal HTTPS redirects, give it a try.

RewriteEngine On

# If we receive a forwarded http request from a proxy...
RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]

# ...or just a plain old http request directly from the client
RewriteCond %{HTTP:X-Forwarded-Proto} =""
RewriteCond %{HTTPS} !=on

# Redirect to https version
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Put the rest of your rewrite rules here

Related questions

htaccess redirect to https://www

I have the following htaccess code: <IfModule mod_rewrite.c> RewriteEngine On RewriteCond !{HTTPS} off RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] RewriteCond %{HTTP_HOST} !^www\. RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] </…

Read More
.htaccess rewrite to redirect root URL to subdirectory

Trying to get www.example.com to go directly to www.example.com/store I have tried multiple bits of code and none work. What I've tried: Options +FollowSymlinks RewriteEngine on RewriteCond %{HTTP_HOST} ^example.com$ RewriteRule (.*) http://www.example.…

Read More
apache redirect from non www to www

I have a website that doesn't seem to redirect from non-www to www. My Apache configuration is as follows: RewriteEngine On ### re-direct to www RewriteCond %{http_host} !^www.example.com [nc] RewriteRule ^(.*)$ http://www.example.com/$1 [r=301,nc] What am …

Read More