Zf2 - force SSL / https with .htaccess
I followed this question as well as this question But it didn't work for me.
I'm on Zend Framework2
I am getting error page is not redirecting properly
.
This is my .htaccess file,
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteCond %{REQUEST_URI}::$1 ^(/.+)(.+)::\2$
RewriteRule ^(.*) - [E=BASE:%1]
RewriteCond $1 !^(index\.php|robots\.txt|(.*).gif|(.*).jpg|(.*).png|(.*).jpeg|(.*).GIF|(.*).JPG|(.*).PNG|(.*).JPEG|upload|(.*).js|(.*).css)
RewriteRule ^(.*)$ %{ENV:BASE}index.php [NC,L]
<IfModule mod_deflate.c>
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
</IfModule>
</IfModule>
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE application/atom+xml \
application/javascript \
application/json \
application/rss+xml \
application/vnd.ms-fontobject \
application/x-font-ttf \
application/x-web-app-manifest+json \
application/xhtml+xml \
application/xml \
font/opentype \
image/svg+xml \
image/x-icon \
text/css \
text/html \
text/plain \
text/x-component \
text/xml
</IfModule>
</IfModule>
<IfModule mod_php5.c>
#Session timeout 90 days - 7776000
php_value session.cookie_lifetime 7776000
php_value session.gc_maxlifetime 7776000
</IfModule>
I added this when running the .htaccess file,
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
But didn't work for me.
What am I doing wrong?
Edit - Apache version 2.2.15.
source to share
Try using in htaccess
RewriteCond %{HTTP_HOST} ^example.net$ [NC]
RewriteRule (.*) https://www.example.net/$1 [R=301,L]
or just add the function to your bootstrap file
protected function _initForceSSL() {
if($_SERVER['SERVER_PORT'] != '443') {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
}
source to share
To force all web traffic to use HTTPS, paste the following lines of code into your .htaccess file in the root folder of your websites.
Important: if you have existing code in your .htacess add this above where there are already rules with the same start prefix.
To force a specific domain to use HTTPS, use the following lines of code in the .htaccess file at the root of your site:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
Make sure to replace example.com with the domain name you are trying to force https. Also, you need to replace www.example.com with your actual domain name.
If you want to force SSL to connect to a specific folder, you can paste the code below into the .htaccess file located in that specific folder:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} folder
RewriteRule ^(.*)$ https://www.example.com/folder/$1 [R,L]
Make sure you change the folder link to the actual folder name. Then be sure to replace www.example.com/folder with your actual domain name and folder where you want to force SSL to be enabled.
source to share
Favori solution.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
</IfModule>
Good answer Best practice: 301 Redirect HTTP to HTTPS (standard domain)
source to share