.htaccess redirect question

craig.gto

Hi guys and girls

Please forgive me for being an apache noob, but I've been trawling for a while now and i can't seem to find a definitive guide for my current scenario.

I've walked into a but of a cluster$%*! of a job, to rescue a horribly set up site. One of many, many problems is that they have 132 302redirects set up. Some of these are identical pages but http-https, others are the same but https-http and some are redirects to different content pages with http-http.

A uniform redirecting of http to https is not an option so I'm looking to find out the best practice for reconfiguring these 302s to 301s within .htaccess?

Thanks in advance

JaneCopland

Hi there,

Do you have access to what the .htaccess file looks like at the moment, i.e. how have the 302s been set up?

Cheers,

Jane

craig.gto

Hi Jane, many thanks for getting back to me.

I do indeed have access to the existing .htaccess file...

Apache/PHP/Drupal settings:

Protect files and directories from prying eyes.

<filesmatch ".(engine|inc|info|install|make|module|profile|test|po|sh|.sql|theme|tpl(.php)?|xtmpl|svn-base)$|^(code-style.pl|entries.|repository|root|tag|template|all-wcprops|entries|format)$"="">Order allow,deny</filesmatch>

Don't show directory listings for URLs which map to a directory.

Options -Indexes

Follow symbolic links in this directory.

Options +FollowSymLinks

Make Drupal handle any 404 errors.

ErrorDocument 404 /index.php

Force simple error message for requests for non-existent favicon.ico.

<files favicon.ico=""># There is no end quote below, for compatibility with Apache 1.3.
ErrorDocument 404 "The requested file favicon.ico was not found.</files>

Set the default handler.

DirectoryIndex index.php

Override PHP settings. More in sites/default/settings.php

but the following cannot be changed at runtime.

PHP 4, Apache 1.

<ifmodule mod_php4.c="">php_value magic_quotes_gpc 0
php_value register_globals 0
php_value session.auto_start 0
php_value mbstring.http_input pass
php_value mbstring.http_output pass
php_value mbstring.encoding_translation 0</ifmodule>

PHP 4, Apache 2.

<ifmodule sapi_apache2.c="">php_value magic_quotes_gpc 0
php_value register_globals 0
php_value session.auto_start 0
php_value mbstring.http_input pass
php_value mbstring.http_output pass
php_value mbstring.encoding_translation 0</ifmodule>

PHP 5, Apache 1 and 2.

<ifmodule mod_php5.c="">php_value magic_quotes_gpc 0
php_value register_globals 0
php_value session.auto_start 0
php_value mbstring.http_input pass
php_value mbstring.http_output pass
php_value mbstring.encoding_translation 0</ifmodule>

Requires mod_expires to be enabled.

<ifmodule mod_expires.c=""># Enable expirations.
ExpiresActive On</ifmodule>

Cache all files for 2 weeks after access (A).

ExpiresDefault A1209600

<filesmatch .php$=""># Do not allow PHP scripts to be cached unless they explicitly send cache

headers themselves. Otherwise all scripts would have to overwrite the

headers set by mod_expires if they want another caching behavior. This may

fail if an error occurs early in the bootstrap process, and it may cause

problems if a non-Drupal PHP file is installed in a subdirectory.

ExpiresActive Off</filesmatch>

#pagespeed modifications
<files *.js.gz="">AddEncoding gzip .js
ForceType application/x-javascript</files>
<files *.css.gz="">AddEncoding gzip .css
ForceType text/css</files>

Various rewrite rules.

<ifmodule mod_rewrite.c="">RewriteEngine on</ifmodule>

RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

If your site can be accessed both with and without the 'www.' prefix, you

can use one of the following settings to redirect users to your preferred

URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option:

To redirect all users to access the site WITH the 'www.' prefix,

(http://example.com/... will be redirected to http://www.example.com/...)

adapt and uncomment the following:

RewriteCond %{HTTP_HOST} ^example.com$ [NC]

RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]

To redirect all users to access the site WITHOUT the 'www.' prefix,

(http://www.example.com/... will be redirected to http://example.com/...)

uncomment and adapt the following:

RewriteCond %{HTTP_HOST} ^www.example.com$ [NC]

RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]

Modify the RewriteBase if you are using Drupal in a subdirectory or in a

VirtualDocumentRoot and the rewrite rules are not working properly.

For example if your site is at http://example.com/drupal uncomment and

modify the following line:

RewriteBase /

If your site is running in a VirtualDocumentRoot at http://example.com/,

uncomment the following line:

RewriteBase /

Rewrite URLs of the form 'x' to the form 'index.php?q=x'.

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

#pagespeed modifications
#RewriteCond %{HTTP:Accept-encoding} gzip
#RewriteCond %{REQUEST_FILENAME}.gz .f
#RewriteRule ^(.).css $1.css.gz [L,QSA]
#RewriteCond %{HTTP:Accept-encoding} gzip
#RewriteCond %{REQUEST_FILENAME}.gz .f
#RewriteRule ^(.).js $1.js.gz [L,QSA]

Custom redirects

RewriteCond %{HTTP_HOST} ^term.otherdomain1.co.uk$ [OR]
RewriteCond %{HTTP_HOST} ^(www.)?legacydomain1.org.uk$ [OR]
RewriteCond %{HTTP_HOST} ^(www.)?legacydomain2.co.uk$ [OR]
RewriteCond %{HTTP_HOST} ^(www.)?legacydomain3.com$ [NC]
RewriteRule ^ http://www.myprimarydomain.co.uk [L,R=301]

RewriteCond %{HTTP_HOST} ^rethink.otherdomain.co.uk$ [NC]
RewriteRule ^ http://www.myprimarydomain.co.uk/rethink [L,R=301]

RewriteCond %{HTTP_HOST} ^(www.)?otherdomain2.org.uk$ [NC]
RewriteRule ^ http://www.myprimarydomain.co.uk/section/funding [L,R=301]

<files "cron.php"="">Order deny,allow
Allow from 10.200.152.4
Allow from 10.200.152.5
Allow from 127.0.0.1

Deny from all</files>

page speed optimisations

<ifmodule mod_expires.c="">ExpiresActive On
ExpiresDefault "access plus 1 seconds"
ExpiresByType text/html "access plus 1 seconds"
ExpiresByType image/gif "access plus 2592000 seconds"
ExpiresByType image/jpeg "access plus 2592000 seconds"
ExpiresByType image/png "access plus 2592000 seconds"
ExpiresByType text/css "access plus 604800 seconds"
ExpiresByType text/javascript "access plus 216000 seconds"
ExpiresByType application/x-javascript "access plus 216000 seconds"</ifmodule>
<ifmodule mod_headers.c=""><filesmatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|swf)$"="">Header set Cache-Control "max-age=2592000, public"</filesmatch>
<filesmatch "\.(css)$"="">Header set Cache-Control "max-age=604800, public"</filesmatch>
<filesmatch "\.(js)$"="">Header set Cache-Control "max-age=216000, private"</filesmatch>
<filesmatch "\.(xml|txt)$"="">Header set Cache-Control "max-age=216000, public, must-revalidate"</filesmatch>
<filesmatch "\.(html|htm|php)$"="">Header set Cache-Control "max-age=1, private, must-revalidate"</filesmatch></ifmodule>

$Id: .htaccess,v 1.90.2.5 2010/02/02 07:25:22 dries Exp $

Hope that is of use.

Kind regards,

C

David-Kley

Does the site even need HTTPS? If not, just delete all the rules sending it back and forth, and create a 301 for each https to go to http. You could probably knock out all 132 in less than 2 hours. (I have done 100 in less than 45 mins ;))

"A uniform redirecting of http to https is not an option so I'm looking to find out the best practice for reconfiguring these 302s to 301s within .htaccess?"

Yes, you can do a sitewide redirect to send all URL's to the secure version. 
http://www.besthostratings.com/articles/force-ssl-htaccess.html

I agree with you tho, that htaccess is a mess lol. If that is any indication of what the rest of the site has in store for you, whew.