Converting to SSL with a changed URL structure: order of items in htaccess

Discussion in 'Servers and Control Panels' started by djbaxter, Sep 21, 2018.

  1. djbaxter

    djbaxter Tazmanian Veteran

    10,481
    917
    +452
    Continuing with an upgrade of a very old forum, the next step is conversion to HTTPS.

    SSL certificate already applied.

    Now, the URL structure has also changed from vBSEO (uninstalled) to Standard vBulletin 4.2.5 Friendly URLs.

    Posts are easy to redirect:

    Code:
    #rewrite old vBSEO urls
    RewriteRule [^/]+/([0-9]+)-[^/]+\.html http://www.politics.ie/showthread.php?t=$1 [L,R=301]
    But then in order not to lose search index links to categories and forums, as well as certain special links, I have a rather large number of Redirect 301 lines similar to this:

    Code:
    Redirect 301 /forum/current-affairs/ http://www.domain.com/forumdisplay.php?26-Current-Affairs
    My question:

    The redirect for http to https and for non-www to www will look something like this (I think this should do both?):

    Code:
    RewriteCond %{HTTP_HOST} ^politics\.ie$ [OR]
    RewriteCond %{HTTP_HOST} ^www\.domain\.com$
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteRule ^\$\/?(.*)$ "https\:\/\/www\.domain\.com\/\$$1" [R=301,L]
    So is it better to use the http to https redirect FIRST before all the Redirect 301 statements?

    Or should the Redirect 301 statements come first, ending with the https to https instructions?
     
  2. Tracy Perry

    Tracy Perry Opinionated asshat

    5,144
    492
    +3,539
    I've always understood that the HTTP -> HTTPS needs to be the first in the stack.
     
    • Informative! Informative! x 1
    • List
  3. mysiteguy

    mysiteguy Devotee

    2,538
    887
    +1,785
    First thing I need to mention is you should not use rewritecond (mod_rewrite) redirects with Redirect directives. The reason is they aren't processed the way you might think. What happens is each type is done in a separate top to bottom scan of the .htaccess file. They aren't sequentially processed when intermixed. Pick one type or the other. I use rewritecond/rewriterule exclusively as it's much more power (especially if you use Apache 2.4+).

    As to order, I'd put the URL redirects first, and make them work with either HTTP or HTTPS. This way if someone visits an old URL via HTTP, they get a single 301 which does both the URL redirect and the change to HTTPs.

    Under those, put in your catchall HTTP to HTTPS redirect.
     
  4. Tracy Perry

    Tracy Perry Opinionated asshat

    5,144
    492
    +3,539
    Good info. Haven't played with Apache since around 2006'ish so wasn't sure. Makes sense though but does go against the grain on what has been suggested in the past by other admins I have read.
     
  5. mysiteguy

    mysiteguy Devotee

    2,538
    887
    +1,785
    What I suggested is actually in line with what you said, except when there's a case when you can accomplish both with one redirect.

    About mixing mod_alias (redirect, redirectmatch, etc) with mod_rewrite (rewritecond/rewriterule), I left something out in my explaination. Rewritecond/Rewriterule is the first sequential scan, and Redirect/Redirect match is the second.

    Early on before I learned this, there were a few instances where I was writing some complex conditions and got unexplained infininate redirect loops, or a redirectmatch above a rewrite was getting executed second, not first and I spent countless hours trying to figure it out. This was before the days of stackexchange and the like. I finally found the solution deep in Apache's documentation about the order of processing .htaccess when multiple modules scan it. It was suggested to avoid issues by simply using one or the other.
     
Verification:
Draft saved Draft deleted
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.