Https to http redirect using htaccess

Apache.HtaccessHttpHttps

Apache Problem Overview

I'm trying to redirect https://www.example.com to http://www.example.com. I tried the following code in the .htaccess file

RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]

This code successfully redirects https://example.com to http://www.example.com. However when I type in https://www.example.com then it gives me a "web page not available" error in the browser.

I have also tried the following 2 codes without success

Attempt 1

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*):NOSSL$ http://www.example.com/$1 [R=301,L]

Attempt 2

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}

Both above attempts failed. Any suggestions?

Apache Solutions

Solution 1 - Apache

Attempt 2 was close to perfect. Just modify it slightly:

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

UPDATE:

Above solution works from a technical point of view. BUT:

Since a few years now the user will receive a huge warning indicating that the connection is not private. That is to be expected: none of today's browsers will silently switch from an encrypted to a not encrypted connection, for obvious reasons ... You cannot get around that behavior of standard browsers. That however has nothing to do with the redirection itself. It is how the web works today, how users are protected from criminal intents.

Solution 2 - Apache

However, if your website does not have a security certificate, it's on a shared hosting environment, and you don't want to get the "warning" when your website is being requested through https, you can't redirect it using htaccess. The reason is that the warning message gets triggered before the request even goes through to the htaccess file, so you have to fix it on the server. Go to /etc/httpd/conf.d/ssl.conf and comment out the part about the virtual server 443. But the odds are that your hosting provider won't give you that much control. So you would have to either move to a different host or buy the SSL just so the warning does not trigger before your htaccess has a chance to redirect.

Solution 3 - Apache

You can use the following rule to redirect from https to http :

 RewriteEngine On


RewriteCond %{HTTPS} ^on$
RewriteRule ^(.*)$ http://example.com/$1 [NC,L,R]

Explanation :

RewriteCond %{HTTPS} ^on$

Checks if the HTTPS is on (Request is made using https)

Then

RewriteRule ^(.*)$ http://example.com/$1 [NC,L,R]

Redirect any request (https://example.com/foo) to http://example.com/foo .

  • $1 is part of the regex in RewriteRule pattern, it contains whatever value was captured in (.+) , in this case ,it captures the full request_uri everything after the domain name.

  • [NC,L,R] are the flags, NC makes the uri case senstive, you can use both uppercase or lowercase letters in the request.

L flag tells the server to stop proccessing other rules if the currunt rule has matched, it is important to use the L flag to avoid rule confliction when you have more then on rules in a block.

R flag is used to make an external redirection.

Solution 4 - Apache

RewriteEngine On
RewriteCond %{SERVER_PORT} 443
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Solution 5 - Apache

The difference between http and https is that https requests are sent over an ssl-encrypted connection. The ssl-encrypted connection must be established between the browser and the server before the browser sends the http request.

Https requests are in fact http requests that are sent over an ssl encrypted connection. If the server rejects to establish an ssl encrypted connection then the browser will have no connection to send the request over. The browser and the server will have no way of talking to each other. The browser will not be able to send the url that it wants to access and the server will not be able to respond with a redirect to another url.

So this is not possible. If you want to respond to https links, then you need an ssl certificate.

Solution 6 - Apache

RewriteCond %{HTTP:X-Forwarded-Proto} =https

Solution 7 - Apache

Your code is correct. Just put them inside the <VirtualHost *:443>

Example:

<VirtualHost *:443>
  SSLEnable
  
  RewriteEngine On
  RewriteCond %{HTTPS} on
  RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}

</VirtualHost>
Categories
Recommended Apache Solutions
Recommended .Htaccess Solutions
Recommended Http Solutions
Recommended Https Solutions

Previous Solution:

slice of struct != slice of interface it implements?

Go

Next Solution:

How to test if a parameter is provided to a function?

JavascriptFunction

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionAnshView Question on Stackoverflow
Solution 1 - ApachearkaschaView Answer on Stackoverflow
Solution 2 - ApacheAdela RuffattiView Answer on Stackoverflow
Solution 3 - ApacheAmit VermaView Answer on Stackoverflow
Solution 4 - ApacheAueroView Answer on Stackoverflow
Solution 5 - ApachedrhemaView Answer on Stackoverflow
Solution 6 - ApacheEric MichalsenView Answer on Stackoverflow
Solution 7 - ApacheHiro ItasikiView Answer on Stackoverflow