Skip to main content

.htaccess Rewrites

.htaccess Rewrites with mod_rewrite and the RewriteEngine Directives

mod_rewrite provides a way to modify incoming URL requests, dynamically, based on regular expression rules.

This allows arbitrary URLs to be mapped onto the internal URL structure in any way.

It supports an unlimited number of rules and an unlimited number of conditions attached to each rule to provide a truly flexible and powerful URL manipulation mechanism.

Enable mod_rewrite

The basic pattern to enable mod_rewrite is a pre-requisite for all other tasks that use.

The required steps are:

  1. Turn on the rewrite engine (this is necessary in order for the RewriteRule directives to work) as documented in the RewriteEngine documentation
  2. Enable the FollowSymLinks option if it isn't already. See Core Options documentation
  3. If your web host doesn't allow the FollowSymlinks option, you need to comment it out or remove it, and then uncomment the Options +SymLinksIfOwnerMatch line, but be aware of the performance impact
    • Some cloud hosting services will require you set RewriteBase
    • Depending on how your server is set up, you may also need to use the RewriteOptions directive to enable some options for the rewrite engine
<IfModule mod_rewrite.c>
  RewriteEngine On
  Options +FollowSymlinks
  # Options +SymLinksIfOwnerMatch
  # RewriteBase /
  # RewriteOptions <options>
</IfModule>

Forcing HTTPS

These Rewrite rules will redirect from the http:// insecure version to the https:// secure version of the URL:

<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</IfModule>

If you're using cPanel AutoSSL or the Let's Encrypt webroot method to create your SSL certificates, it will fail to validate the certificate if validation requests are redirected to HTTPS. Turn on the condition(s) you need.

<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
  RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[\w-]+$
  RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
  RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>

Redirecting URLs from www to non-www

These directives will rewrite www.example.com to example.com.

note

You should not duplicate content in multiple origins (with and without www).

This can cause SEO problems (duplicate content), and therefore, you should choose one of the alternatives and redirect the other one. You should also use Canonical URLs to indicate which URL should search engines crawl (if they support the feature).

Set %{ENV:PROTO} variable, to allow rewrites to redirect with the appropriate schema automatically (http or https).

The rule assumes by default that both HTTP and HTTPS environments are available for redirection.

www to non-www
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTPS} =on
  RewriteRule ^ - [E=PROTO:https]
  RewriteCond %{HTTPS} !=on
  RewriteRule ^ - [E=PROTO:http]

  RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
  RewriteRule ^ %{ENV:PROTO}://%1%{REQUEST_URI} [R=301,L]
</IfModule>

Add www at the beginning of URLs

These rules will insert www. at the beginning of a URL.

note

You should never make the same content available under two different URLs.

This can cause SEO problems (duplicate content), and therefore, you should choose one of the alternatives and redirect the other one. You should also use Canonical URLs to indicate which URL should search engines crawl (if they support the feature).

Set %{ENV:PROTO} variable, to allow rewrites to redirect with the appropriate schema automatically (http or https).

The rule assumes by default that both HTTP and HTTPS environments are available for redirection. If your SSL certificate could not handle one of the domains used during redirection, you should turn the condition on.

non-www to www
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTPS} =on
  RewriteRule ^ - [E=PROTO:https]
  RewriteCond %{HTTPS} !=on
  RewriteRule ^ - [E=PROTO:http]

  RewriteCond %{HTTPS} !=on

  RewriteCond %{HTTP_HOST} !^www\. [NC]
  RewriteCond %{SERVER_ADDR} !=127.0.0.1
  RewriteCond %{SERVER_ADDR} !=::1
  RewriteRule ^ %{ENV:PROTO}://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>

Table of Contents