Geek Answers Handbook

Force SSL + WWW in CakePHP.htaccess

I know that the topic "How to force HTTPS + WWW" is often discussed and resolved, and in general it works for me.

But since I now have a specific predefined .htaccess from CakePHP, I donโ€™t know how to enable it.

.htaccess for CakePHP:

RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ index.php?url=$1 [QSA,L]

If I put the usual code for HTTPS / WWW Forcing at the beginning or in the opposite direction to this code, it does not work properly, because all requests are configured on the root directory, and not on, for example,. / Contact.

I usually use:

 RewriteCond %{HTTPS} !on [OR] RewriteCond %{HTTP_HOST} !^www\.mydomain\.com$ [NC] RewriteRule ^ https://www.mydomain.com%{REQUEST_URI} [R=301]

But you cannot just include this above ...

Can someone please help me , including HTTPS / WWW Forcing in the above .htaccess?

+4
source share
4 answers

Thanks LazyOne, this may work, but for me it often ended in "mydomain.com/redirect:/app/webroot/index.php", which was really strange. But maybe itโ€™s related to "{REQUEST_URI}" because I had to change my

 RewriteRule ^(.*)$ index.php?url=$1 [QSA,L]

to

 RewriteRule ^(.*)$ index.php [QSA,L]

due to weird redirection issues (I donโ€™t know what happened, CakePHP unexpectedly requests "Redirect: Controller" as described here http://groups.google.com/group/croogo/browse_thread/thread/55539dabfd0191fd?pli=1 - any idea about this?).

Now works with this code:

 RewriteCond %{HTTP_HOST} ^mydomain.com RewriteRule (.*) https://www.mydomain.com/$1 [R=301,L] RewriteCond %{HTTPS} !on RewriteRule (.*) https://www.mydomain.com/$1 [R=301,L] RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ index.php [QSA,L]
+2
source

General way:

 <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{HTTPS} !on RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L] RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ index.php [QSA,L] </IfModule>

Hard coding of a domain name is not required. Also, the request will not be redirected to root when switching from http to https

+4
source

Here's how it should be:

 RewriteEngine On # force https and www. RewriteCond %{HTTPS} !on [OR] RewriteCond %{HTTP_HOST} !^www\.mydomain\.com$ [NC] RewriteRule ^ https://www.mydomain.com%{REQUEST_URI} [R=301,L] # route all requests for non-existing resources to CakePHP RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ index.php?url=$1 [QSA,L]
+1
source

Another way could be to force the use of SSL using a component? http://bakery.cakephp.org/articles/lemon/2008/07/07/component-for-forcing-a-secure-connection

0
source

More articles:


All Articles