Thus, my SSL certificate applies only to https://example.com - not https://www.example.com (cannot complain, it was free).
After going into mod_rewrite and a lot of reading (mainly from stackoverflow), I have a .htaccess file that does most of what I need, this file (with a modified domain, of course).
<IfModule mod_rewrite.c> RewriteEngine On #First rewrite any request to the wrong domain to use the correct one RewriteCond %{HTTP_HOST} !^subdomain\. RewriteCond %{HTTP_HOST} ^(www|ftp|mail)\.example\.com [NC] RewriteRule ^(.*)$ http://example.com/$1 [R=301,L] #Redirect these subdomains to a subfolder RewriteCond %{HTTP_HOST} ^([^/.]+)\.example\.com$ RewriteCond %1 !^(www|ftp|mail)$ [NC] RewriteRule (.+)$ "http://example.com/%1" [L,P] #Now, rewrite to HTTPS: RewriteCond %{HTTPS} off RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] </IfModule>
The script contains comments on what it does (I need them more than you think). And there is an additional .htaccess file in the folder for the redirected subdomain (a subfolder in the root folder with the same subdomain name) and the accompanying dns entry on my DNS server..htaccess in this folder simply redirects http (port 80) to https.
At the moment, he is doing what I need, but I'm looking for easier ways to write this. And simply put, it can mean more global (if it does it faster than before hard-coding domains), and if there are any speed improvements to get from the rewriting mentioned.
As mentioned earlier, my certificate is only for a domain other than www example.com, so this leads me to the second (but my main) question.
Traffic that is routed like this: https://www.example.com will see an error before any routing, rewriting, etc. will ever be completed. This is because the connection to the web server did not even occur at the moment, right? This is essentially your server that submits your certificate, and a browser saying: wait a minute!
Is there a way to prevent traffic in order to hit your server in the wrong way (https: // www) before the browser issues a certificate error?
This should not be limited to the .htaccess method.
Is there any way to do this - in general ? And what is this?
Edit:
I had several problems with my conditions and rewrite requests that he should not do. I also had several redirect cycles that were sent to apache.org to investigate this; as the way to track these changes here is to use the .htaccess file:
<IfModule mod_rewrite.c> RewriteEngine On # First rewrite any request to the wrong domain to use the correct one RewriteCond %{HTTP_HOST} ^(www|ftp|mail)\.example\.com$ [NC] RewriteRule ^(.*)$ http://example.com/$1 # Redirect these subdomains to a subfolder RewriteCond %{HTTP_HOST} ^([^/.]+)\.example\.com$ RewriteCond %{REQUEST_URI} !^([^/.]+)/([^/.]+) RewriteCond %1 !^(www|ftp|mail)$ [NC] RewriteRule ^(.*)$ http://example.com/%1$1 [L,NC,QSA] #Now, rewrite to HTTPS: RewriteCond %{HTTPS} off RewriteCond %{HTTP_HOST} !^$ RewriteCond %{HTTP_HOST} ^http://example\.com/$ [NC] RewriteRule ^/?(.*) https://%{HTTP_HOST}/$1 [L,R,NE] </IfModule>