Converting to SSL with a changed URL structure: order of items in htaccess

djbaxter

Tazmanian Veteran
Joined
Jun 6, 2006
Messages
10,485
Continuing with an upgrade of a very old forum, the next step is conversion to HTTPS.

SSL certificate already applied.

Now, the URL structure has also changed from vBSEO (uninstalled) to Standard vBulletin 4.2.5 Friendly URLs.

Posts are easy to redirect:

Code:
#rewrite old vBSEO urls
RewriteRule [^/]+/([0-9]+)-[^/]+\.html http://www.politics.ie/showthread.php?t=$1 [L,R=301]
But then in order not to lose search index links to categories and forums, as well as certain special links, I have a rather large number of Redirect 301 lines similar to this:

Code:
Redirect 301 /forum/current-affairs/ http://www.domain.com/forumdisplay.php?26-Current-Affairs
My question:

The redirect for http to https and for non-www to www will look something like this (I think this should do both?):

Code:
RewriteCond %{HTTP_HOST} ^politics\.ie$ [OR]
RewriteCond %{HTTP_HOST} ^www\.domain\.com$
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^\$\/?(.*)$ "https\:\/\/www\.domain\.com\/\$$1" [R=301,L]
So is it better to use the http to https redirect FIRST before all the Redirect 301 statements?

Or should the Redirect 301 statements come first, ending with the https to https instructions?
 

Tracy Perry

Opinionated asshat
Joined
May 25, 2013
Messages
4,990
I've always understood that the HTTP -> HTTPS needs to be the first in the stack.
 

mysiteguy

Devotee
Joined
Feb 20, 2007
Messages
2,990
First thing I need to mention is you should not use rewritecond (mod_rewrite) redirects with Redirect directives. The reason is they aren't processed the way you might think. What happens is each type is done in a separate top to bottom scan of the .htaccess file. They aren't sequentially processed when intermixed. Pick one type or the other. I use rewritecond/rewriterule exclusively as it's much more power (especially if you use Apache 2.4+).

As to order, I'd put the URL redirects first, and make them work with either HTTP or HTTPS. This way if someone visits an old URL via HTTP, they get a single 301 which does both the URL redirect and the change to HTTPs.

Under those, put in your catchall HTTP to HTTPS redirect.
 

Tracy Perry

Opinionated asshat
Joined
May 25, 2013
Messages
4,990
Good info. Haven't played with Apache since around 2006'ish so wasn't sure. Makes sense though but does go against the grain on what has been suggested in the past by other admins I have read.
 

mysiteguy

Devotee
Joined
Feb 20, 2007
Messages
2,990
What I suggested is actually in line with what you said, except when there's a case when you can accomplish both with one redirect.

About mixing mod_alias (redirect, redirectmatch, etc) with mod_rewrite (rewritecond/rewriterule), I left something out in my explaination. Rewritecond/Rewriterule is the first sequential scan, and Redirect/Redirect match is the second.

Early on before I learned this, there were a few instances where I was writing some complex conditions and got unexplained infininate redirect loops, or a redirectmatch above a rewrite was getting executed second, not first and I spent countless hours trying to figure it out. This was before the days of stackexchange and the like. I finally found the solution deep in Apache's documentation about the order of processing .htaccess when multiple modules scan it. It was suggested to avoid issues by simply using one or the other.
 
Top