XF 1.5 htaccess force SSL / https connection and remove www prefix.

[Andrew]

Hi,

I am trying to force all connections to my website to use a secure connection, while also removing any www prefix.

Here is my current syntax, but it doesn't work for all cases.

    #    Force SSL connections and remove WWW from domain.
    RewriteCond %{HTTP_HOST} !^forgestorm\.com$
    RewriteRule ^(.*)$ https://forgestorm.com/$1 [R=301,L]

Spoiler: Complete .htaccess file.

#    Mod_security can interfere with uploading of content such as attachments. If you
#    cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
#    SecFilterEngine Off
#    SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 405 default
ErrorDocument 406 default
ErrorDocument 500 default
ErrorDocument 501 default
ErrorDocument 503 default

<IfModule mod_rewrite.c>
    RewriteEngine On
   
    #    Force SSL connections and remove WWW from domain.
    RewriteCond %{HTTP_HOST} !^forgestorm\.com$
    RewriteRule ^(.*)$ https://forgestorm.com/$1 [R=301,L]
   
    #    If you are having problems with the rewrite rules, remove the "#" from the
    #    line that begins "RewriteBase" below. You will also have to change the path
    #    of the rewrite to reflect the path to your XenForo installation.
    #RewriteBase /xenforo

    #    This line may be needed to enable WebDAV editing with PHP as a CGI.
    #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -l [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^.*$ - [NC,L]
    RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
    RewriteRule ^.*$ index.php [NC,L]
</IfModule>

Problems:

1. When you try to visit www.forgestorm.com you get an error page.
2. When you visit http://forgestorm.com/ you don't get a secure connection.

NOTE: You must type the url's in as listed above to get these strange errors.

Main Redirect Goal:

1. Any www prefix entered by the user is removed.
2. Always force https / SSL / secure connection to the website.
3. Remove any non existant domain prefix. Example: prefix.domain.com -> https://domain.com

Thank you for all the help! I did find a lot of content on the subject. I have tried a lot of examples but I can't get them to do all three goals listed above. I don't understand the syntax to make appropriate changes.

Any help is appreciated! Have a wonderful day and thanks again!
-Andrew

 

[DragonByte Tech]

Can't help with removing WWW as I personally like it, but here's the .htaccess code for enforcing SSL:

    # Force SSL:
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

You should put this after the code to enforce no-www.


Fillip

 

[Mike]

The www example works for me. The SSL redirect doesn't, but there isn't any code in place to do that in your .htaccess, so that isn't surprising.

 

[Andrew]

Can't help with removing WWW as I personally like it, but here's the .htaccess code for enforcing SSL:

    # Force SSL:
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

You should put this after the code to enforce no-www.


Fillip

Thank you! I have added that line of syntax to the file.

The www example works for me. The SSL redirect doesn't, but there isn't any code in place to do that in your .htaccess, so that isn't surprising.

You are right it does work. However, I seem to have an issue. When you type https://www.forgestorm.com it redirects you to https://forgestorm.com/forum/ which shows an error. That being said, https://forgestorm.com/forums/ (adding "s" to forum) is the correct path. However I do not define this redirect in the htaccess file. I am not 100% sure if this has something to do with XenPorta 2 plugin. I have checked the options in both "Basic Board Information" and "XenPorta 2 Options" with no luck. However if you guys know how to fix this, I would greatly appreciate your assistance!

Spoiler: Current htaccess file syntax

#    Mod_security can interfere with uploading of content such as attachments. If you
#    cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
#    SecFilterEngine Off
#    SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 405 default
ErrorDocument 406 default
ErrorDocument 500 default
ErrorDocument 501 default
ErrorDocument 503 default

<IfModule mod_rewrite.c>
    RewriteEngine On
    
    #    Remove WWW from domain.
    RewriteCond %{HTTP_HOST} !^forgestorm\.com$
    RewriteRule ^(.*)$ https://forgestorm.com/$1 [R=301,L]
    
    #    Force SSL.
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    
    #    If you are having problems with the rewrite rules, remove the "#" from the
    #    line that begins "RewriteBase" below. You will also have to change the path
    #    of the rewrite to reflect the path to your XenForo installation.
    #RewriteBase /xenforo

    #    This line may be needed to enable WebDAV editing with PHP as a CGI.
    #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -l [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^.*$ - [NC,L]
    RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
    RewriteRule ^.*$ index.php [NC,L]
</IfModule>

 

[Mike]

However, I seem to have an issue. When you type https://www.forgestorm.com it redirects you to https://forgestorm.com/forum/ which shows an error.

I just clicked on that link here and I didn't get redirected (it stayed at the root).

 

[Andrew]

I just clicked on that link here and I didn't get redirected (it stayed at the root).

That is bizarre! In chrome I get the error page. And in MS Edge it goes to root.

 

[Robru]

https://forgestorm.com/forums/

https://forgestorm.com/forums/

 

[Andrew]

https://forgestorm.com/forums/

https://forgestorm.com/forums/

@Robru I am aware of the s as mentioned in post #4. What I don't understand is why typing https://www.forgestorm.com redirects me to that specific link. It only seems to do that on chrome for me, so maybe it's a cache issue. I am not sure.

EDIT: Just checked it on my phone and it goes to root as is desired. Strange..

 

[Robru]

It only seems to do that on chrome for me, so maybe it's a cache issue. I am not sure.

Here, with all browsers, https://www.forgestorm.com works perfectly.
As you already say, probably a cache issue.

 

[DragonByte Tech]

EDIT: Just checked it on my phone and it goes to root as is desired. Strange..

You should be aware that browsers will cache redirects, in order to reduce strain on your server. In other words, can you try clearing your browser's cache, then testing the whole suite of links again?


Fillip

 

[Andrew]

Here, with all browsers, https://www.forgestorm.com works perfectly.
As you already say, probably a cache issue.

Thank you for testing it for me! I appreciate your help!

You should be aware that browsers will cache redirects, in order to reduce strain on your server. In other words, can you try clearing your browser's cache, then testing the whole suite of links again?


Fillip

Thank you Fillip for your help! I learned something new too!

You guys rock! And the community here is amazing!!