Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
756 views
in Technique[技术] by (71.8m points)

apache - Force non-www and HTTPS in htaccess redirect results in too many redirects

I'm trying to force non-www https in htaccess, but every example I find throws the error "too many redirects"

I want to redirect:

  • http://www.example.com
  • http://example.com
  • https://www.example.com

to:

  • https://example.com

The best explained solution I've found is here:
https://simonecarletti.com/blog/2016/08/redirect-domain-http-https-www-apache/

...Which gives the following example:

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www. [NC]
RewriteRule ^ https://example.com%{REQUEST_URI} [L,NE,R=301]

Thanks to the explanation I understand what it's doing, but I'm still getting the same error - too many redirects.

The best I have been able to do is:

RewriteCond %{HTTP_HOST} ^www.example.com$ [NC]
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]

...But of course that doesn't redirect http://example.com.

I have no redirects setup in httpd.conf, and None setup in Plesk. I'm on CentOS 6.8, Apache 2.2.15, Plesk 12.5.

What could be causing the issue?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Adding the RewriteCond and RewriteRule you specify gives me ?off_example.com when using http:// or https://. Is that expected?

No, that's not the expected result - that will be the problem. HTTPS should be on when accessed over https://.... If the HTTPS server variable is never set to "on" (or rather, never changes from "off") then your RewriteRule will result in a redirect loop.

This suggests that the "Let's Encrypt addon in Plesk" is implemented via some kind of "proxy" (front-end) server? Your application server still responds over unencrypted HTTP to the proxy and the clients connection to the proxy is encrypted over HTTPS. At least, that's what it looks like - but your host should be able to confirm this.

If this is the case then the proxy usually sets additional HTTP request headers with details about the client's connection. You should be able to examine the request headers that your application sees, but it is common for the X-Forwarded-Proto header to be set with the protocol that is being used ("http" or "https"). If this is the case then you can probably change your existing directives to something like the following instead:

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
RewriteCond %{HTTP_HOST} ^www. [NC]
RewriteRule ^ https://example.com%{REQUEST_URI} [L,NE,R=301]

Another, less common method is for the (front-end) server to set an HTTPS environment variable (possibly provided by mod_ssl?) instead - note that this is different to the similarly named HTTPS server variable, as mentioned above. This environment variable is accessed using the syntax %{ENV:HTTPS} in the mod_rewrite directive and, if set, contains the same value as would otherwise be provided by the HTTPS server variable. For example:

RewriteEngine On
RewriteCond %{ENV:HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www. [NC]
RewriteRule ^ https://example.com%{REQUEST_URI} [L,NE,R=301]

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...