Apache .htaccess redirect to HTTPS before asking for user authentication

by

If you’re running Apache 2.4 you can use configuration sections to solve this quite easily.

Eg…

# Redirect to HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

# Authenticate users only when using HTTPS
# Enable for <v2.4
 # SSLRequireSSL
 # ErrorDocument 403 /secure-folder/
# Enable for >v2.4
<If "%{HTTPS} == 'on'">
    AuthType Basic
    AuthName "Special things"
    AuthUserFile /etc/blah.htpasswd
    # Prevent this 'Require' directive from overriding any merged previously
   <IfVersion >= 2.4>
      AuthMerging And
   </IfVersion>
    Require valid-user
# Enable for >v2.4
</If>

More Related Contents:

  1. Tips for debugging .htaccess rewrite rules
  2. htaccess redirect to https://www
  3. How to Set AllowOverride all
  4. How do I disable directory browsing?
  5. .htaccess rewrite subdomain to directory
  6. How to prevent http file caching in Apache httpd (MAMP)
  7. .htaccess: Invalid command ‘RewriteEngine’, perhaps misspelled or defined by a module not included in the server configuration
  8. Deny access to one specific folder in .htaccess
  9. Redirect site with .htaccess but exclude one folder
  10. Hidden features of mod_rewrite
  11. .htaccess redirect http to https
  12. Forbidden You don’t have permission to access / on this server [closed]
  13. How to increase apache timeout directive in .htaccess?
  14. Apache: client denied by server configuration
  15. mod_rewrite: remove trailing slash (only one!)
  16. What is .htaccess file?
  17. htaccess redirect all pages to single page
  18. Remove Characters from URL with htaccess
  19. How to manually generate pages in Nuxt router with a 404 page fallback for .htaccess
  20. Multiple RewriteRules for single RewriteCond in .htaccess
  21. Rewrite Problem – L(ast) not being respected?
  22. htaccess “order” Deny, Allow, Deny
  23. How can I mod_rewrite and keep query strings?
  24. Custom 404 error issues with Apache – the ErrorDocument is 404 as well
  25. .htaccess: how to restrict access to a single file by IP?
  26. Internal URL rewrite no longer working after upgrading Apache to 2.4
  27. RewriteCond to match query string parameters in any order
  28. htaccess RewriteRule page with query string
  29. URL rewriting for different protocols in .htaccess
  30. The Redirection of Multiple Parked Domains doesn’t Work with Filename [closed]

Leave a Comment