About HTTPs enforce and .htaccess

  • Hello! SG

    I would like to consult about this option – Enforce HTTPS.
    AFAI try, checking this option adds the following settings to .htaccess

    RewriteCond %{HTTP_HOST} !^www\. [NC]
    RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteCond %{HTTPS} off
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    But sometimes it only adds this

    RewriteCond %{HTTP_HOST} !^www\. [NC]
    RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    To what circumstance, it do not output ^www… ?
    Does this related to site builtin Cloudflare support?
    I am using the recommended free plan for some client sites. While I have also subscribed to Cloudflare Business for some other clients.

    Many thanks.

Viewing 1 replies (of 1 total)
  • Plugin Author Stoyan Georgiev

    (@stoyangeorgiev)

    Hello there @simongcc,

    If you are using www the following rules are added to the htaccess file 

    RewriteCond %{HTTP_HOST} !^www\. [NC]\n
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    In order to redirect to https://www. directly instead of
    requests to https:// and from then to https:// and from then to https://www.

    This one is used to redirect any requests from https:// to https://

    RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    So to sum up, if you are using your application without www, only the bottom part of the rules will be added. if you are using it with www, the first one will be added as well to skip those redirects from non-https to https and from there to https://www.

    Kind regards,
    Stoyan

Viewing 1 replies (of 1 total)
  • The topic ‘About HTTPs enforce and .htaccess’ is closed to new replies.