Redirecting HTTP to HTTPS stopped working

Help
1

Hello guys,

I’m new here and I’m still trying to figured it out stuff. I have the website hosted by UOLhost which supports Let’s Encrypt. I was trying to redirect HTTP to HTTPS adding the most simple code I could find to my .htaccess.

It didn’t work, and after some research I found out it was because of Let’s Encrypt. So I found another code that worked perfectly for about 2 days, but today it stopped working and I have no idea why. Did anything change from Let’s Encrypt side or is it something that my hosting changed?

Here is the code:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

# Verify www
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [L,R=301]

# Verify POST requests
RewriteCond %{REQUEST_METHOD} !^POST$

# If receiving HTTP request from proxy...
RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]

#...or if it's a resquest direct from client
RewriteCond %{HTTP:X-Forwarded-Proto} =""
RewriteCond %{HTTPS} !=on

# Redirect to HTTPS version
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]

</IfModule>

Any ideas or a better code?

Operational System: Linux
Apache: version 2.4
PHP: version 5.5
Database: MySQL version 5.6

2

I think I should be more clear when I say it didn’t work and stopped working. Here’s the problem I’m getting:

40
Screen Shot 2017-08-09 at 22.11.40.png1326×788 27 KB

3

I remember having a similar problem with a hosting company that was using a caching reverse proxy. It turned out the cache wasn’t distinguishing between HTTP and HTTPS responses from the webserver (since they were both over HTTP at that point), and was caching them together - so sometimes a HTTPS request would be served a cached HTTP response, which was a redirect to HTTPS, and the result was an infinite redirect loop.

I fixed it by adding this line above my first RewriteCond:

Header always append Vary X-Forwarded-Proto

Of course you may be having an entirely different problem, but I guess it’s worth a shot,

4

I tested the line you sent on the shorter and the longer version of the code but I’m still getting the same problem :frowning:

Thanks anyway @jmorahan!

5

I use something like this;

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

That is assuming there isn’t an underlying issue.

6

I tested this code, even adding @jmorahan line but it didn’t work and I get a different error.

27
Screen Shot 2017-08-10 at 14.36.27.png1314×882 58.1 KB

7

If you click Advanced you should be able to get more info.

Are you sure you are having problems with redirecting, and not certificate problems? I ran a check of your site in SSL Labs. It says your certificate doesn’t match.

(abbreviated output)
SSL Report: www.coteseg.com
Certificate name mismatch
Try these other domain names (extracted from the certificates):

sslblindado.com
*.sslblindado.com
9

The name coteseg.sslblindado.com doesn’t resolve to any IP, so that just isn’t going to work.

segseguro.sslblindado.com does return an IP (187.17.111.96), and it does work with SSL https://segseguro.sslblindado.com, but, it’s using a GeoTrust certificate. My guess (for coteseg.com) would be the webserver isn’t pointing to the correct certificate for coteseg.com. Can you post the relevant lines of the config?

10

Thanks for your help @TheEggman but I’m a newbie on all this. What do you mean by config? The .htaccess? I don’t have anything at moment there. If not, where do I find this config?

11

I mean the configuration file/section for your site (from Apache). Do you have shell access ?

12

I’m guessing this but I don’t think I have. I’m only accessing the FTP and some minor advanced configuration from the hosting control panel like clearing cache, changing versions of Apache and PHP, not much else.

13

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.