Htaccess configuration for Https and www redirection for CDN delivered website?

0

I have recently configured my laravel website to work on CDN, every thing works fine as expected except the existing rules for https and www redirection. My existing rules are creating too many redirect issue.

AWS: Source origin website -example(.com) (https) CNAME Alias - www.example(.com) (https)

Could you please suggest what can I do with my basic htaccess rule as below. I need below rules or else it will break my laravel website functionality. please suggest a rule to add https and www redirection which should work with below lines.

<IfModule mod_rewrite.c> 
  Options -Indexes 
 
  RewriteEngine On 
 
 
  RewriteCond $1 !^(index\\.php|resources|robots\\.txt) 
  RewriteCond %{REQUEST_FILENAME} !-f 
  RewriteCond %{REQUEST_FILENAME} !-d 
  RewriteRule ^(.+)$ index.php?/$1 [L,QSA] 
</IfModule>

I tried below two lines and it is throwing the error -- too many redirects.

RewriteCond %{HTTPS} off
  RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    
  RewriteCond %{HTTP_HOST} !^www\. [NC]
  RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
asked 9 months ago403 views
1 Answer
0

When you have a CDN in front of a web-server, you need to examine the content of the X-Forwarded-Proto header that the CDN adds:

You should probably change the line:

RewriteCond %{HTTPS} off

to something like:

RewriteCond %{HTTP:X-Forwarded-Proto} !https

If you also want to have the redirect for traffic that comes in directly and not via the CDN add a second Rewrite Condition as follows:

RewriteCond %{HTTPS} off 
RewriteCond %{HTTP:X-Forwarded-Proto} !https 
RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
AWS
EXPERT
answered 9 months ago
  • still throwing error, too many redirects

  • Your best bet then to understand what is happening is to turn on mod_rewrite's logging. If you are using Apache 2.4 and up - you need to do this with LogLevel alert rewrite:trace3 in your main config (not .htaccess). Refer to https://httpd.apache.org/docs/2.4/mod/mod_rewrite.html#logging. Then examine your logs to see why and at what step it keeps redirecting.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions