I would like to know how to force HTTPS using .htaccess in just a certain domain / subdomain. The code I use is forcing https across all subdomains ... and one of my subdomains does not have SSL, so I hope it does not work on https.
My .htaccess :
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I have tried to put a different htacess in my subdomain, but it did not work.
The correct name for the file is: .htaccess
Using mod_rewrite to force HTTPS is not recommended for security reasons. read more on RedirectSSL
It is recommended that you use Virtual Host for this ... you can try this:
NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.example.com
Redirect permanent / https://secure.example.com/
</VirtualHost>
<VirtualHost _default_:443>
ServerName secure.example.com
DocumentRoot /usr/local/apache2/htdocs
SSLEngine On
# etc...
</VirtualHost>
If you even know this, you still want to use mod_rewrite :
1 = Remove the .htaccess file from the root site: usually / var / www / html
2 = Create the virtual hosts.
3 = Put a .htaccess in the web root of each virtual host that you want HTTPS.
Sample file .htaccess :
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
# This rule will redirect users from their original location, to the same location but using HTTPS.
# i.e. http://www.example.com/foo/ to https://www.example.com/foo/
# The leading slash is made optional so that this will work either in httpd.conf
# or .htaccess context
For other users who ask about the same question, remember to check if your webserver is with the REWRITE module enabled, if it is not, you can enable it with the command:
a2enmod rewrite
I hope I have helped!