http到https重定向通过htaccess：错误的重定向错误 [英] http to https redirection through htaccess: incorrect redirection error

问题描述

我需要所有http重定向https：

I need all http to redirect https:

RewriteEngine On
RewriteBase /

RewriteCond %{HTTP_HOST} !^some-domain\.com$ [NC]
RewriteRule ^(.*)$ https://some-domain.com/$1 [R=301,L]

RewriteCond %{THE_REQUEST} /(\.+) [OR]
RewriteCond %{THE_REQUEST} /(\?+) [OR]
RewriteCond %{THE_REQUEST} /(/+)
RewriteRule ^(.*)$ 404.html [L]
RewriteRule ^core/(install|temp|smarty|modules|languages|includes|functions|fonts|files|config|classes|cache|backup|tpl)/(.*) - [F]
RewriteRule ^data/(.+)\.(tpl\.html|php|php3|php4|php5|phtml|pl|cgi) - [F]
RewriteRule ^install_check\.html$ install.php?check=yes [L]
RewriteRule ^index\.html$ index.php [L]
RewriteRule ^news\.html$ index.php?news=yes [L]
RewriteRule ^price\.html$ index.php?show_price=yes [L]
RewriteRule ^cart\.html$ index.php?shopping_cart=yes [L]
RewriteRule ^wide_search\.html$ index.php?search_with_change_category_ability=yes [L]
RewriteRule ^feedback\.html$ index.php?feedback=yes [L]
RewriteRule ^compare\.html$ index.php?comparison_products=yes [L]
RewriteRule ^page_([0-9]+)\.html$ index.php?show_aux_page=$1 [L]
RewriteRule ^product_([0-9]+)\.html$ index.php?productID=$1 [L]
RewriteRule ^category_([0-9]+)\.html$ index.php?categoryID=$1 [L]
RewriteRule ^category_([0-9]+)_offset_([0-9]+)\.html$ index.php?categoryID=$1&offset=$2 [L]
RewriteRule ^category_([0-9]+)_show_all\.html$ index.php?categoryID=$1&show_all=yes [L]
RewriteRule ^show_news_([0-9]+)\.html$ index.php?fullnews=$1 [L]

# BEGIN Articles
RewriteRule ^poleznoe/([^/]+)\.html$ index.php?fullarticles=$1 [L]
RewriteRule ^poleznoe/([0-9]+)/$ index.php?articles=yes&offset=$1 [L]
RewriteRule ^poleznoe/$ index.php?articles=yes [L]
# END Articles

RewriteRule ^google([a-z0-9_-]+).html$ google$1.html [L]
RewriteRule ^yandex([a-z0-9_-]+).html$ yandex$1.html [L]

# BEGIN Human friendly URL's
RewriteRule ^news/([^/]*).html$ index.php?uri=$1&uriFor=news [L]
RewriteRule ^([^/]*).html$ index.php?uri=$1&uriFor=pages [L]
RewriteRule ^([^/]*)/$ index.php?uri=$1&uriFor=category [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !([^/]*)/$
RewriteRule ^([^/]*)$  $1/ [L,R=301]
RewriteRule ^(([^/]*)_offset_([0-9]+))/$ index.php?uri=$1&uriFor=category&offset=$2 [L]
RewriteRule ^([^/]*)_show_all/$ index.php?uri=$1&uriFor=category&show_all=yes [L]
#RewriteRule ^([^/]*)/([^/]*)/([^/]*)\.html$ index.php?uri=$3&uriFor=product [L]
RewriteRule ^([^/]*)/([^/]*)\.html$ index.php?uri=$2&uriFor=product [L]
# END Human friendly URL's

我用谷歌搜索了几次这个解决方案：

I've googled and came accross this solution several times:

RewriteCond %{HTTPS} off
RewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

但如果我将它放在 RewriteEngine On 之后或之后RewriteBase / 或接近或之间的任何地方

but if I place it after RewriteEngine On or after RewriteBase / or anywhere near or between

RewriteCond %{HTTP_HOST} !^some-domain\.com$ [NC]
RewriteRule ^(.*)$ https://some-domain.com/$1 [R=301,L]

加载页面时，它给出了错误的重定向错误。请告诉我我做错了什么。

It gives me incorrect redirection error when I load the page. Please, tell me what I am doing wrong.

提前致谢。

推荐答案

$ _ SERVER ['HTTPS'] 始终为空，但 $ _ SERVER ['HTTP_X_FORWARDED_PROTO'] 当我在https页面时返回https

$_SERVER['HTTPS'] is always empty, but $_SERVER['HTTP_X_FORWARDED_PROTO'] returns https when I am on https page

这告诉您SSL由前端管理代理服务器，而不是您的应用服务器您的应用程序服务器似乎没有安装SSL证书，并且很可能通过端口80向代理服务器提供纯HTTP请求。然后代理服务器向客户端提供安全的HTTPS响应，因此客户端请求是安全的。

This tells you that your SSL is managed by a front-end proxy server, not your application server. Your application server does not appear to have an SSL cert installed and is most probably serving a plain HTTP request over port 80 to the proxy server. The proxy server then serves a secure HTTPS response back to the client, so the clients request is secure.

这意味着如果您的应用程序服务器尝试通过简单地检查标准服务器变量（即 HTTPS 或 SERVER_PORT ）将HTTP重定向到HTTPS然后这个由于 HTTPS 总是关闭而 SERVER_PORT 始终是重定向循环，因此可能会失败80 - 即使在重定向之后。 （请注意， HTTPS Apache变量可能会关闭，但这通常会转换为PHP超全局 $ _ SERVER ['HTTPS'] 为空 - 这就是PHP处理它的方式。）

What this means is that if your application server attempts to redirect HTTP to HTTPS by simply checking the standard server variables (ie. HTTPS or SERVER_PORT) then this is likely to fail with a redirect loop since HTTPS is always off and SERVER_PORT is always 80 - even after the redirect. (Note that the HTTPS Apache variable is likely to be "off", but this often translates to a PHP superglobal $_SERVER['HTTPS'] that is empty - that's just how PHP handles it.)

请注意，可以执行HTTP到HTTPS的重定向相反，在它甚至到达应用程序服务器之前，在前端代理中。 （Cloudflare使用页面规则执行此操作。）

Note that the HTTP to HTTPS redirect could be performed in the front-end proxy instead, before it even gets to the application server. (Cloudflare does this with its page rules.)

或者，您可以检查代理服务器设置的其他HTTP请求标头请求转发从代理到您的应用程序服务器。 X-Forwarded-Proto 标头（由PHP存储为 $ _ SERVER ['HTTP_X_FORWARDED_PROTO'] ）已设置通过代理服务器告诉您客户端用于连接代理的协议。

Alternatively, you can examine the additional HTTP request headers that are set by the proxy server as the request is forwarded from the proxy to your application server. The X-Forwarded-Proto header (which is stored by PHP as $_SERVER['HTTP_X_FORWARDED_PROTO']) is set by the proxy server and tells you what protocol the client used to connect to your proxy.

因此，将规范重定向结合在一起：

So, bringing the canonical redirects together:

# www to non-www redirect
RewriteCond %{HTTP_HOST} !^example\.com
RewriteRule (.*) https://example.com/$1 [R=301,L]

# http to https redirect
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

格式在您发布的指令中，www至非www重定向应首先出现，以避免在请求 http://www.example.com 时避免双重定向（即。 HTTP和www）。

With the format of the directives you posted, the www to non-www redirect should come first in order to avoid a double redirect when requesting http://www.example.com (ie. HTTP and www).

请注意，当您在处理SSL的代理服务器后面时，您应该只使用这种类型的HTTP进行HTTPS重定向。否则，恶意客户端请求可能伪造 X-Forwarded-Proto HTTP请求标头（但是，这应该由您的代理服务器处理）。

Note that you should only use this type of HTTP to HTTPS redirect when you are behind a proxy server that is handling the SSL. Otherwise, the X-Forwarded-Proto HTTP request header could be faked by a malicious client request (this, however, should be handled by your proxy server).

如果您愿意，可以将这两条规则合并为一条规则：

These two rules can be combined into 1 rule if you wish:

# Canonical redirect (no-www and HTTPS)
RewriteCond %{HTTP_HOST} !^example\.com [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule (.*) https://example.com/$1 [R=301,L]

这篇关于http到https重定向通过htaccess：错误的重定向错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！