I am self hosting a website on a Synology NAS. I have set up an SSL certificate, set up the DNS records on Google Domains. If I enter the website, andrewr.ca, into a browser it works fine. If I enter www.andrewr.ca it does not work and the SSL is not valid. I am trying to figure out how to fix this issue but get stuck every time. I have a .htaccess file that looks like this:
And my Google Domains account looks like this. [enter image description
My SSL cert looks like this:
Could someone please point me in the right direction here. I just want to be able to enter www.andrewr.ca and it works the exact same as if I enter andrewr.ca
I have tried changing the CNAME, changing the .htaccess and also adding a different SSL certificate but had no luck with anything I try so far.
This honestly probably has two separated answers out there for you to find, but I am posting this just because it's a solution we use currently in our setup to rewrite non https to https AND non www to www in one swoop. These are the rewrite directives in my production .htaccess
#SSL = 1
RewriteCond %{HTTP_HOST} !^example.com$ [NC]
RewriteRule ^/?(.*)$ https://example.com/$1 [R=301,L]
# Redirect www and http to https - non-www
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
This is not for everyone and ONLY works if you have a single domain in your setup -- Which the top two lines of the htacces file there are put there to deal with multiple domains on the single files set to canonicalize the domain .. Once you have multiple domains in there .. You WILL NEED a separated SSL for each domain, AND the www for it to work .. But as for a SINGLE domain, this will forward to https - non www without the need for a secondary SSL on the www
Related
I want to access the image folder which is located in (e.g "example.com/images/one.jpg").
I have created the subdomain named (e.g "subdomain.example.com").
Both domain folders are in same public_html.
How i can authoize my subdomain, which can access files using htaccess rules or anything else. i tired this "../../" before file name, but not working.
Note: i dont want to put a whole path to access the files from root domain, such as https://......
Thanks
Browsers deal in URLs, not the paths on your filesystem.
It sounds like you have configured your server so that the images are only available on example.com and are not available on subdomain.example.com.
You therefore need to tell the browser to access the images from the other hostname.
src="//example.com/images/one.jpg"
If you have a domain.com and sub.domain.com, these are two completely different paths. You cannot get data from each other using reference as path like '../images/foo.png'.
In this case, you have to put all the path https://www.sub.domain.com/images/foo.png. This is the same way you need to do when uses a subdomain as resource in order to decrease the number of request in your website for images and sources in general.
I did a little bit of server configuration in the .htaccess file. I write the rule that no image can be publicly accessible. but I want to authorize my subdomain which can access the image URL.
:
Note: both domains are in the same public_html directory
You would seem to require an exception for the subdomain and block other hostnames?
It's a bit of a guess how you are currently doing this - either with mod_authz_core and a <FilesMatch> container perhaps? Or using mod_rewrite? Or an Apache <If> expression??
You could do something like the following using mod_rewrite, near the top of the root .htaccess file to block access to all images, except when accessed via the subdomain.
RewriteEngine On
# Block (403 Forbidden) all image requests unless accessed through the subdomain
RewriteCond %{HTTP_HOST} !^subdomain\.example\.com
RewriteRule \.(jpe?g|png|webp|gif)$ - [F]
Now, a request of the form https://example.com/images/one.jpg will be blocked, but https://subdomain.example.com/images/one.jpg will be accessible.
i dont want to put a whole path to access the files from root domain
But you will need to use an absolute (or protocol-relative) URL to access the files from the subdomain.
UPDATE:
Current rules in my parent domain "example.com"
RewriteCond %{HTTP_REFERER} !^https://example.com/ [NC]
RewriteRule \.(gif|jpg|jpeg|png|mp4|mov|mkv|flv|svg)$ - [F,L]
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Ah, so you've implemented a form of hotlink protection! In that case you would seem to just need to modify the first condition to allow requests from the subdomain as well. For example:
RewriteCond %{HTTP_REFERER} !^https://(subdomain\.)?example.com/
To allow requests from both example.com and subdomain.example.com. The NC flag should be omitted. All browsers will lowercase the hostname in the request.
No other rules are required to "allow" access. You do not need to use the absolute URL to access these resources - since that does not appear to be what you are blocking. You simply need to be able to access these resources from another host (ie. the subdomain).
In summary:
RewriteEngine On
# Hotlink protection
RewriteCond %{HTTP_REFERER} !^https://(subdomain\.)?example.com/
RewriteRule \.(gif|jpg|jpeg|png|mp4|mov|mkv|flv|svg)$ - [F]
# HTTP to HTTPS redirect
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
The L flag is not required with the F flag, since it is implied.
The ^(.*)$ is unnecessary since the backreference is not being used. Simply having ^ is sufficient and more efficient - to be successful for everything without having to actually match everything.
I developed a website and from SEO point of view, the homepage of a website is available under three or more different URLs which accordingly poses a risk of duplicate content, since the same content can be accessed via different URLs.
for eg.
my website is opening with below URL
https://www.insider.in/index.php
https://www.insider.in/
https://insider.in/
Exact URL which is needed be like
https://www.insider.in/
for achieving the same i am using an .htaccess file with code given below:
RewriteCond %{THE_REQUEST} ^[A-Z]+\ /([^/]+/)*index\.(php|html?)[#?]?
RewriteRule ^(([^/]+/)*)index\.(php|html?)$ https://insider.in/$1[R=301,L]
I tried to redirect all duplicate URLs to one URL using the above .htaccess file code but it is not working, also i enabled all the file permissions in FileZilla but again no success.
Any help or reference will be appreciated, thankyou!
note- website is hosted in cloud server using FileZilla
for Reference I am sharing the screenshots
Image of development folder for your reference
Image of .htaccess rule which i have used
You can use the rules below to fix duplicate content issues on your site :
RewriteEngine on
#Redirect non-www domain to www
RewriteCond %{HTTP_HOST} ^insider\.in$ [NC]
RewriteRule ^ https://www.insider.in%{REQUEST_URI} [NE,L,R=301]
#Redirect /index.php to /
RewriteCond %{REQUEST_URI} ^/index\.php$
RewriteRule ^ https://www.insider.in/ [L,R=301]
Remember to put theses rules at the top of your htaccess.
I am currently using one host to host multiple domains (each domain is pointed to a folder in the root directory). Which generally works fine, but the problem comes when trying to access sub-directories of a domain.
So for example, I have the domain example.com which is pointed this way
example.com points to \folder\abc\
https://example.com works fine
https://example.com/xyz/ works fine, where xyz is a sub-directory in the abc folder.
https://example.com/xyz redirects to https://example.com/folder/abc/xyz/
Is there something I need to do in my .htaccess file or web.config to fix this issue where URLs without trailing slash point in a different way?
--
Update:
This is what my .htaccess rules look like:
RewriteCond %{HTTP_HOST} example\.com$
RewriteOptions AllowNoSlash
RewriteCond %{REQUEST_FILENAME} -d
RewriteCond %{REQUEST_URI} (.*)
RewriteCond %{REQUEST_URI} !/$
RewriteRule (.+[^/])$ %1/ [R=301,L]
I am setting up a ssl certificate for a website
http://www.wegetitall.ca
I have checked it with many different ssl checkers and everything is ok but neither chrome nor internet explorer pick it up. There is no lock sign in chrome and it doesn't even say the certificate is not secure, it just doesn't see it at all.
The certificate was bought from godaddy and more information about it can be found here: https://www.sslshopper.com/ssl-checker.html#hostname=www.wegetitall.ca
What could be the reasons it doesn't show?
I can see SSL connection with your website.
When you connect to your website, make sure you type https:// .... NOT http://
if the connection is http, you can redirect to https.
Check this thread for redirecting (it's based on a server with PHP running. Find the correct one that's applicable to you).
SSL is installed well you just need to redirect to HTTPS
Put following code in your .htaccess file.
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule (.*) https://www.wegetitall.ca%{REQUEST_URI} [R=301,L]
I've tried countless combinations from forums, answers here on Stack Overflow, and blogs. I can't get this to work right.
I'd like to redirect all users to a subdirectory - "/const" - except for an IP that I deem worthy.
This is what I'm using so far:
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^91\.143\.253\.211
RewriteCond %{REQUEST_URI} !^/const/ [NC]
RewriteRule ^(.*)$ http://website.com/const/$1 [R=302,L]
And it redirects to the subfolder correctly, but it still redirects me, which is bad.
Little help?
You can use a Skip flag [s]. Here is an example with multiple IPs.
RewriteEngine on
RewriteBase /
RewriteCond %{REMOTE_ADDR} ^91\.143\.253\.211$ [OR]
RewriteCond %{REMOTE_ADDR} ^8\.8\.8\.8$
RewriteRule .? - [S=1]
RewriteCond %{REQUEST_URI} !^const [NC]
RewriteRule ^(.*)$ /const/$1 [R=302,L]
Note
In the example before I had %{REQUEST_FILENAME}. This typically only works on server config files where the path to the filename itself is visible to the redirection script. Here I've changed it to %{REQUEST_URI} the part of the request that the browser can actually access.
The rule that you have is correct. When I add those to a blank htaccess file, I get redirected to http://website.com/const/ as expected unless I change the first condition to my actual IP. Some things you should check:
Make sure you've flushed your browser's cache. Although 302 redirects shouldn't be cached in such a way, better to flush it just in case.
Make sure you are actually making a request from the expected IP (i.e. ^91\.143\.253\.211$). You can test this by adding this rule to the top of your htaccess file:
RewriteRule ^foo$ http://foo.bar/IP/%{REMOTE_ADDR} [L,R]
And if you go to http://website.com/foo you should get redirected to a non-existing site but with your IP in the URL. If that IP doesn't match 91.143.253.211 then you need to change your condition to match the right IP.