0

I have a CI installation in my root domain. SSL certificate is installed and working properly. When I redirect http:// to https://www it redirects to https://www.www (an extra www), that too on some computers and some browsers as users have reported. However, when I remove 'www' from redirection, its all fine. Seems like www is looping. So far, I've digged my code hundred times, and see no sign of redirection from code (I mean addition of extra www). I'm doing it with htaceess. Any help will be highly appreciated. This is my htaccess:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

#Force SSL
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [R,L]

#Removes access to the system folder by users.
#Additionally this will allow you to create a System.php controller,
#previously this would not have been possible.
#'system' can be replaced if you have renamed your system folder.
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php/$1 [L]
#Checks to see if the user is attempting to access a valid file,
#such as an image or css document, if this isn't true it sends the
#request to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php/$1 [L]
</IfModule>

I'm running it on apache with Centos VPS.

Thank you so much!

Zafar
  • 321
  • 5
  • 17

1 Answers1

1

The HTTP_HOST is the "target host" part of the request, like: www.mydomain.com.
The REQUEST_URI is generally the path which was given in order to access a certain page; for instance, ‘/folder/index.html’.

In your RewriteRule you say to put 'www.' in front of the requested domainname.
You don't want that, when someone asks for http://www.yourdomain.com.
Without the www. in your RewriteRule someone who requests for http://yourdomain.com gets redirected to https://yourdomain.com

When you want to redirect to https and www you need to add conditions. Look into Apache docs on Canonical host and on questions/4083221/how-to-redirect-all-http-requests-to-https for this solution: 

RewriteCond %{HTTPS} !=on [OR]  
RewriteCond %{HTTPS_HOST} !^www.yourdomain.com$ [NC]  
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [L,R=301]
Community
  • 1
  • 1
E.C.Pabon
  • 265
  • 1
  • 9
  • Pabon, Alright, I do understand what you are saying and you have a valid point. I removed www from RewriteRule, and it opens smooth. But then it poses another problem of its own. How do I get a URL with https://'www'.example.com instead of just https://.example.com? Do you have any solution for that? What I want to achieve is: if a user types my domain like: example.com, it redirects to https://www.example.com – Zafar Mar 13 '16 at 21:28
  • Your code works like that. To get everything on https : // www. etc you need some extra logic (look for canonical redirection). – E.C.Pabon Mar 13 '16 at 21:58
  • I couldn't understand your answer or comment. Can you please elaborate it? I want my htaccess to force ssl, which it is already doing. My question is: if I remove 'www' from RewriteRule, it still forces ssl, but without 'www'. I want to achieve 'www' with ssl, so that my url looks like : `https://www.example.com` – Zafar Mar 13 '16 at 22:02
  • HTTP_HOST is what someone requests. that can be with www or without www. And exaclty that will be used. The only thing changing is http into https. – E.C.Pabon Mar 13 '16 at 22:06
  • Yes, I do understand it. What I'd like to do is, just like Facebook or some other popular websites: when you type: `example.com` without any mention of `www` they still redirect you to ssl version with `www` in url like: `https://www.example.com`, I want to achieve the same. But I fail. Because it ads an extra `www`. Can you help me figure it out? I'm already doing a successful redirection https, but without `www` part in url. Which I want anyways. Thank you – Zafar Mar 13 '16 at 22:09