Question 221940 in Amazon Web Sevices Question posted in
The official Amazon Web Services documentation can be found here.

Amazon web services – Htaccess configuration for Https and www redirection for CDN delivered website?

Ask – I am looking for https and www redirect !

I have recently configured my laravel website to work on CDN, every thing worked fine as expected before implementing CDN with below htaccess code.

<IfModule mod_rewrite.c>
  Options -Indexes
  
  RewriteEngine On
  
  RewriteCond %{HTTPS} off
  RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    
  RewriteCond %{HTTP_HOST} !^www. [NC]
  RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
  
  RewriteCond $1 !^(index\.php|resources|robots\.txt)
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule ^(.+)$ index.php?/$1 [L,QSA]
</IfModule>

However, post implementing CDN it is throwing error – too many redirects, so I have kept like below for now, Atleast website is working.

<IfModule mod_rewrite.c> 
  Options -Indexes 
 
  RewriteEngine On 
 
 
  RewriteCond $1 !^(index\.php|resources|robots\.txt) 
  RewriteCond %{REQUEST_FILENAME} !-f 
  RewriteCond %{REQUEST_FILENAME} !-d 
  RewriteRule ^(.+)$ index.php?/$1 [L,QSA] 
</IfModule>

AWS CLoudfront:
Source origin website -example(.com) (https) ||
CNAME Alias – www.example(.com) (https) ||
Behaviour: http to https

Could you please suggest what can I do with my htaccess rule. I need atleast below rules or else it will break my laravel website functionality.

  RewriteCond $1 !^(index\.php|resources|robots\.txt) 
  RewriteCond %{REQUEST_FILENAME} !-f 
  RewriteCond %{REQUEST_FILENAME} !-d 
  RewriteRule ^(.+)$ index.php?/$1 [L,QSA]

please suggest a rule to add https and www redirection which should work with above lines.

Also a generic question: does redirect even works when served from CDN, am I missing any point to consider.

Would be a great help if this get fixed.

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    Thanks a lot for checking and answering this. As per your suggestion, I have come to below code. It is still giving too many redirect issue, can you pls check once again.

    <IfModule mod_rewrite.c>
  Options -Indexes

  RewriteEngine On
  RewriteBase /
  
 # Redirect HTTP to HTTPS
RewriteCond %{HTTP:X-Forwarded-Proto} ^http$
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]


RewriteCond %{HTTP_HOST} !^www.
RewriteRule (.*) https://www.%{HTTP_HOST}/$1 [R=302,L]
  
  RewriteCond $1 !^(index.php|resources|robots.txt)
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule ^(.+)$ index.php?/$1 [L,QSA]
</IfModule>

    Hope we dont have to make any specific change to AWS cloudfront. I have tried clearing existing cache and also tried restarting Apache origin server.


  2. 0 
    RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    As per the answer/question I linked to initially, you likely need to check against the X-Forwarded-Proto header instead of the HTTPS server variable as the CDN behaves like a proxy, behind which your application server is connecting over plain HTTP.

    The X-Forwarded-Proto header (a defacto-standard) is set by the proxy, informing the backend application server the protocol by which the user is connecting.

    So, instead of the above, you would use the following instead:

    # Redirect HTTP to HTTPS
RewriteCond %{HTTP:X-Forwarded-Proto} ^http$
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    You need to clear all caches before testing (301s are cached persistently) and test first with a 302 (temporary) redirect to avoid potential caching issues.

    Your existing non-www to www redirect (that follows) is "OK", although there is no need to capture the URL-path since it is not being used in the substitition string (you are using the REQUEST_URI server variable instead).

    Aside:

    RewriteCond $1 !^(index\.php|resources|robots\.txt)

    This condition is not correct as written (it’s basically doing nothing). The double-backslash matches a literal backslash, so this negated condition will always be successful. These should be single-backslash escapes, escaping the literal dot. For example:

    RewriteCond $1 !^(index.php|resources|robots.txt)
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search