在 Apache 上强制使用 SSL 且禁止使用 WWW

发布于 2024-10-16 03:53:27 字数 448 浏览 2 评论 0原文

我无法想出正确的语法来完成强制 SSL 和无 WWW 的任务。

编辑

我已经能够单独完成每项任务，但是当将这两项任务结合起来时，我发现自己陷入了重定向循环。

强制无 WWW 的工作语法：

RewriteCond %{HTTP_HOST} !^domain\.com$
RewriteRule (.*) http://domain.com/$1 [R=301,L]

我尝试强制无 WWW 和 SSL

RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP_HOST} !^domain\.com$
RewriteRule (.*) https://domain.com/$1 [R=301,L]

感谢您的任何建议！

原文

I'm having trouble coming up with the proper syntax to accomplish both forcing the SSL and no WWW.

EDIT

I've been able to accomplish each task separately but when combining the two i find myself stuck in a redirection loop.

working syntax to force no WWW:

RewriteCond %{HTTP_HOST} !^domain\.com$
RewriteRule (.*) http://domain.com/$1 [R=301,L]

My attempt to force no WWW and SSL

RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP_HOST} !^domain\.com$
RewriteRule (.*) https://domain.com/$1 [R=301,L]

Thanks for any suggestions!

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

绮烟 2024-10-23 03:53:28

这是我在我的一个网站上使用的方法 - 它似乎比我见过的大多数其他方法都要好一点：

  # The code below tells apache to always require secure (ssl/tls) connections
  # to the website. If a client tries connecting over port 80 (http://),
  # then the client will be redirected to https:// (over port 443).
  RewriteCond %{REMOTE_ADDR} !127\.0\.0\.0
  RewriteCond %{SERVER_PORT} 80
  RewriteRule ^(.*)$ https://example.com/$1 [R,L]

对于无 www 规则，请查看任何开源 CMS 上的 .htaccess 文件，例如 Drupal 或 Wordpress，了解一些最佳实践。

Here's what I'm using on one of my sites - it seems to work a little better than most of the other methods I've seen:

  # The code below tells apache to always require secure (ssl/tls) connections
  # to the website. If a client tries connecting over port 80 (http://),
  # then the client will be redirected to https:// (over port 443).
  RewriteCond %{REMOTE_ADDR} !127\.0\.0\.0
  RewriteCond %{SERVER_PORT} 80
  RewriteRule ^(.*)$ https://example.com/$1 [R,L]

For the no-www rule, check out the .htaccess files on any open-source CMS, like Drupal or Wordpress, to see some of the best practices.

回复收藏 0 原文

后来的我们 2024-10-23 03:53:28

我认为“无 WWW”是指您想要删除任何“WWW”。主机名的前缀？试试这个：

RewriteCond "%{HTTP_HOST}" "^(?:www\.)?(.*)"  [NC]
RewriteCond "%{HTTPS}"     "=on"
RewriteRule "(.*)"         "https://%1$1"     [R=301,L]

如果您在 .htaccess 文件中执行此操作，请将最后一行更改为“

RewriteRule "(.*)"         "https://%1/$1"    [R=301,L]

如果您希望能够删除“WWW”。无论 SSL 性与否，前缀，请尝试以下操作：

RewriteCond "%{HTTP_HOST}" "^(?:www\.)?(.*)"  [NC]
RewriteCond "%{HTTPS}"     "=on"
RewriteRule "(.*)"         "https://%1/$1"    [R=301,L]

RewriteCond "%{HTTP_HOST}" "^(?:www\.)?(.*)"  [NC]
RewriteRule "(.*)"         "http://%1/$1"     [R=301,L]

By 'no WWW' I assume you mean you want to remove any 'WWW.' prefix of the hostname? Try this:

RewriteCond "%{HTTP_HOST}" "^(?:www\.)?(.*)"  [NC]
RewriteCond "%{HTTPS}"     "=on"
RewriteRule "(.*)"         "https://%1$1"     [R=301,L]

If you're doing this in a .htaccess file, change that last line to

RewriteRule "(.*)"         "https://%1/$1"    [R=301,L]

If you want to be able to remove the 'WWW.' prefix regardless of SSL-ness or not, try this:

RewriteCond "%{HTTP_HOST}" "^(?:www\.)?(.*)"  [NC]
RewriteCond "%{HTTPS}"     "=on"
RewriteRule "(.*)"         "https://%1/$1"    [R=301,L]

RewriteCond "%{HTTP_HOST}" "^(?:www\.)?(.*)"  [NC]
RewriteRule "(.*)"         "http://%1/$1"     [R=301,L]

回复收藏 0 原文

空袭的梦i 2024-10-23 03:53:28

我发现这适用于我的几个客户网站：

# Force SSL
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule (.*) https://%1%{REQUEST_URI} [L,R=301]

# Rewrite all http to https
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

I found this to work for a couple of my client sites:

# Force SSL
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule (.*) https://%1%{REQUEST_URI} [L,R=301]

# Rewrite all http to https
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

回复收藏 0 原文