Home/ Questions/Q 811587
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-15T01:04:07+00:00

I have a dilemma with this one. With the following code I am able

  • 0

I have a dilemma with this one. With the following code I am able to force SSL on any non SSL url, however when the user (and results from Google) take the user to http://mysite.co.za then we hit an issue as the url is then rewritten to https://mysite.co.za

Due to the fact that my certificate is bound to http://www.mysite.co.za it immediately throws a security error because of the missing ‘www’ in the url.

Can someone point out a way to add the www to the domain when the domain starts with HTTPS and not HTTP?

Much appreciated.

And the current code to add the https:// is as follows:

RewriteCond %{HTTP_HOST} !^www\.
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Can someone point out a way to add the www to the domain when the domain starts with HTTPS and not HTTP?

    So you want this:

    • If the host does not start with www:
      • If the connection is secure, do nothing. In this case you’re already screwed anyway, because the user has already seen the host mismatch warning.
      • If the connect is not secure redirect to https://www.%{HTTP_HOST}%{REQUEST_URI}

    Your current rule:

    RewriteCond %{HTTP_HOST} !^www\.
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    This rule fails on you because it adds www no matter whether the connection is secure or not. Additionally, it keeps plain http the way it is (no forward to https://).

    The rule that satisfy your requirements above is

    #if the host does not start with www.
RewriteCond %{HTTP_HOST} !^www\.
#and the connection is not secure
RewriteCond %{HTTPS} =""
#forward
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301]

    The L flag is unnecessary because a redirect ends the rewriting.

    • 0