在 htaccess 重定向中强制使用非 www 和 HTTPS 会导致重定向过多 [英] Force non-www and HTTPS in htaccess redirect results in too many redirects

问题描述

我试图在 htaccess 中强制使用非 www https，但我发现的每个示例都会抛出错误重定向过多"

I'm trying to force non-www https in htaccess, but every example I find throws the error "too many redirects"

我想重定向:

• http://www.example.com
• http://example.com
• https://www.example.com

到:

• https://example.com

我找到的最佳解释解决方案在这里:
https://simonecarletti.com/blog/2016/08/redirect-domain-http-https-www-apache/

The best explained solution I've found is here:
https://simonecarletti.com/blog/2016/08/redirect-domain-http-https-www-apache/

...给出以下示例:

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^ https://example.com%{REQUEST_URI} [L,NE,R=301]

多亏了解释，我明白它在做什么，但我仍然遇到同样的错误 - 重定向过多.

Thanks to the explanation I understand what it's doing, but I'm still getting the same error - too many redirects.

我能做的最好的是:

RewriteCond %{HTTP_HOST} ^www.example.com$ [NC]
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]

...但当然不会重定向 http://example.com.

...But of course that doesn't redirect http://example.com.

我在 httpd.conf 中没有设置重定向，在 Plesk 中也没有设置.我使用的是 CentOS 6.8、Apache 2.2.15、Plesk 12.5.

I have no redirects setup in httpd.conf, and None setup in Plesk. I'm on CentOS 6.8, Apache 2.2.15, Plesk 12.5.

是什么导致了这个问题?

What could be causing the issue?

推荐答案

添加您指定的 RewriteCond 和 RewriteRule 会在使用 http://或 https:/时为我提供 ?off_example.com/.这是预期的吗?

Adding the RewriteCond and RewriteRule you specify gives me ?off_example.com when using http:// or https://. Is that expected?

不，这不是预期的结果 - 这将是问题所在.当通过 https://... 访问时，HTTPS 应该 on.如果 HTTPS 服务器变量 从未设置为on"(或者更确切地说，永远不会从off"更改)，那么您的 RewriteRule 将导致重定向循环.

No, that's not the expected result - that will be the problem. HTTPS should be on when accessed over https://.... If the HTTPS server variable is never set to "on" (or rather, never changes from "off") then your RewriteRule will result in a redirect loop.

这表明让我们在 Plesk 中加密插件"是通过某种代理"(前端)服务器实现的?您的应用程序服务器仍然通过未加密的 HTTP 响应代理，并且客户端与代理的​​连接通过 HTTPS 加密.至少，看起来是这样的 - 但您的房东应该能够确认这一点.

This suggests that the "Let's Encrypt addon in Plesk" is implemented via some kind of "proxy" (front-end) server? Your application server still responds over unencrypted HTTP to the proxy and the clients connection to the proxy is encrypted over HTTPS. At least, that's what it looks like - but your host should be able to confirm this.

如果是这种情况，那么代理通常会设置额外的 HTTP 请求标头，其中包含有关客户端连接的详细信息.您应该能够检查您的应用程序看到的请求标头，但是使用正在使用的协议(http"或https")设置 X-Forwarded-Proto 标头是很常见的").如果是这种情况，那么您可能可以将现有指令更改为如下所示:

If this is the case then the proxy usually sets additional HTTP request headers with details about the client's connection. You should be able to examine the request headers that your application sees, but it is common for the X-Forwarded-Proto header to be set with the protocol that is being used ("http" or "https"). If this is the case then you can probably change your existing directives to something like the following instead:

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^ https://example.com%{REQUEST_URI} [L,NE,R=301]

<小时>

另一种不太常见的方法是让(前端)服务器设置 HTTPS 环境变量(可能是 由 mod_ssl 提供?) - 请注意，这与名称相似的 HTTPS 服务器变量，如上所述.这个环境变量是使用 mod_rewrite 指令中的语法 %{ENV:HTTPS} 访问的，如果设置，则包含与 HTTPS 服务器变量.例如:

---

Another, less common method is for the (front-end) server to set an HTTPS environment variable (possibly provided by mod_ssl?) instead - note that this is different to the similarly named HTTPS server variable, as mentioned above. This environment variable is accessed using the syntax %{ENV:HTTPS} in the mod_rewrite directive and, if set, contains the same value as would otherwise be provided by the HTTPS server variable. For example:

RewriteEngine On
RewriteCond %{ENV:HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^ https://example.com%{REQUEST_URI} [L,NE,R=301]

这篇关于在 htaccess 重定向中强制使用非 www 和 HTTPS 会导致重定向过多的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！