Apache: htaccess force www and https ssl #server

.htaccess

# force HTTPS and www.
RewriteEngine On
RewriteCond %{HTTP_HOST} (?!^www\.)^(.+)$ [OR]
RewriteCond %{HTTPS} off
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L]


# alternative way
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,NE]



# without lookbehind
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.domain\.de [NC]
RewriteRule ^(.*)$ https://www.domain.de/$1 [R=301,L]
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.domain.de/$1 [R=301,L]

# force HTTPS and www not for subdomains
RewriteCond %{HTTP_HOST} ^domain\.de [NC]
RewriteRule ^(.*)$ https://www.domain.de/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^www\.domain\.de [NC]
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.domain.de/$1 [R=301,L]

# for cloudflare
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# not locally
<IfModule !mod_win32.c>
RewriteEngine on
...
</IfModule>

# not locally #2
RewriteEngine On
RewriteCond %{HTTP_HOST} !\.dev$ [NC]
RewriteCond %{HTTP_HOST} !\.local$ [NC]
RewriteCond %{HTTP_HOST} !^www\.domain\.de [NC]
RewriteRule ^(.*)$ https://www.domain.de/$1 [R=301,L]
RewriteCond %{HTTP_HOST} !\.dev$ [NC]
RewriteCond %{HTTP_HOST} !\.local$ [NC]
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.domain.de/$1 [R=301,L]

# force www only
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

# force HTTPS and non-www
<IfModule !mod_win32.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www\.)(.+) [OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(www\.)?(.+)
RewriteRule ^ https://%2%{REQUEST_URI} [R=301,L]
</IfModule>
<IfModule mod_win32.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
</IfModule>


# Force non-www and ssl
RewriteCond %{HTTP_HOST} !\.local\.vielhuber\.de$ [NC]
RewriteCond %{HTTP_HOST} ^(www\.)(.+)
RewriteCond %{HTTP_HOST} ^(www\.)?(.+)
RewriteRule ^ https://%2%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTP_HOST} !\.local\.vielhuber\.de$ [NC]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(www\.)?(.+)
RewriteRule ^ https://%2%{REQUEST_URI} [R=301,L]



# force ssl and www for main domain, force ssl and non www for all subdomains (except locally)
RewriteEngine On 
# for subdomains: force ssl and non www
RewriteCond %{HTTP_HOST} !\.local$ [NC]
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^(www\.)?camac-harps\.com$ [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.|)(.*)$ [NC]
RewriteRule ^.*$ https://%1%{REQUEST_URI} [R,L]
# for main domains: force ssl and www
RewriteCond %{HTTP_HOST} !\.local$ [NC]
RewriteCond %{HTTPS} !=on [OR]
RewriteCond %{HTTP_HOST} ^camac-harps\.com$ [NC]
RewriteRule ^.*$ https://www.camac-harps.com%{REQUEST_URI} [R,L]





# # force https
# RewriteCond %{HTTP_HOST} !\.xip\.io$ [NC]
# RewriteCond %{HTTP_HOST} !\.local$ [NC]
# RewriteCond %{HTTPS} !=on [NC]
# RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

# force ssl and non-www for main domain and for all subdomains (except local)
RewriteEngine On
# main domain
RewriteCond %{HTTP_HOST} ^(www\.)?tld\.org$ [NC]
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^ https://tld.org%{REQUEST_URI} [R=301,L,NE]
# subdomains
RewriteCond %{HTTP_HOST} !^local\.tld\.org$ [NC]
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^((?!www\.)[^.]+)\.tld\.org$
RewriteRule ^ https://%1.tld.org%{REQUEST_URI} [NE,L,R]

# # force www except on development machines (.local & .xip.io)
# RewriteCond %{HTTPS} !=on
# RewriteCond %{HTTP_HOST} !\.local$ [NC]
# RewriteCond %{HTTP_HOST} !\.xip\.io$ [NC]
# RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
# RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# # https
# RewriteCond %{HTTPS} =on
# RewriteCond %{HTTP_HOST} !\.local$ [NC]
# RewriteCond %{HTTP_HOST} !\.xip\.io$ [NC]
# RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
# RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

# # force non-www except on development machines (.local & .xip.io)
# RewriteCond %{HTTPS} !=on
# RewriteCond %{HTTP_HOST} !\.local$ [NC]
# RewriteCond %{HTTP_HOST} !\.xip\.io$ [NC]
# RewriteCond %{HTTP_HOST} ^www\..+$ [NC]
# RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# # https
# RewriteCond %{HTTPS} =on
# RewriteCond %{HTTP_HOST} !\.local$ [NC]
# RewriteCond %{HTTP_HOST} !\.xip\.io$ [NC]
# RewriteCond %{HTTP_HOST} ^www\..+$ [NC]
# RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

this just saved my ass. ;) Thank you!

This is supremely helpful. If there is such a thing as karma, may only great things happen to you!

Ok, please can you help me, so why do I get this?

when using v1 i get redirected to: https://www./ without anything else?

when using v2 if i put more than the host in http:// it skips me to the index file:
i.e. http://www.test.com/test GOES TO https://www.test.com/index.php NOT https://www.test.com/test

I also have some code for removing the index.php from the url so http://www.test.com/index.php/test BECOMES http://www.test.com/test, so something isn't playing ball.

Thanks

RewriteEngine On

RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}/index.html !-f
RewriteCond %{REQUEST_FILENAME}/index.php !-f
RewriteRule . index.php [L]

RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,NE]

Many thanks

My solution to force https and www in one redirect step to prevent loosing link "juice".
Redirects http://domain, https://domain, http://www.domain to https://www.domain

# if host contains www - skip redirect to www
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule .? - [S=1]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# redirect all to https
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Excellent, thank you very much, with this rule I solved.

RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www.)(.+) [OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(www.)?(.+)
RewriteRule ^ https://%2%{REQUEST_URI} [R=301,L]

I wanted to ask, how can I delete the ".html" extension from the "https://domain.com/index.html" domain for all pages,
or just remove "index.html" from "https://domain.com/index.html".

how should I change the current rule?

# force HTTPS and www.
RewriteEngine On
RewriteCond %{HTTP_HOST} (?!^www\.)^(.+)$ [OR]
RewriteCond %{HTTPS} off
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L]

Why you're using:

RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L]

And not:

RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L,NE]

What is there are some specific special characters involved? Then the origin REQUEST_URI is different than the redirected REQUEST_URI.

If I need https://www version of the website (all links have already been distributed a lot), and also HSTS Preloader, then I am getting following error in when checking in https://hstspreload.org.

http://example.com (HTTP) should immediately redirect to https://example.com (HTTPS) before adding the www subdomain. Right now, the first redirect is to https://www.example.com/. The extra redirect is required to ensure that any browser which supports HSTS will record the HSTS entry for the top level domain, not just the subdomain.

How it can be solved?