我对编码很陌生,所以请原谅我对这个主题的无知。我知道有几个类似的问题,但没有一个似乎对我有用。有用的信息总是受欢迎的,因为你最好向我解释一切,即使它看起来有点过分,因为我在这些特定主题上相当没有受过教育。
这是我的整个htaccess文件,位于我的根论坛目录中。
RewriteOptions inherit
RewriteEngine on
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /forums/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .(jpeg|jpg|gif|png)$ /forums/public/404.php [NC,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /forums/index.php [L]
</IfModule>
<Files 403.shtml>
order allow,deny
allow from all
</Files>
RewriteCond %{HTTP_HOST} ^perspectiverp.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.perspectiverp.com$
RewriteRule ^home$ "https://www.perspectiverp.com/forums/" [R=301,L]
RewriteCond %{HTTP_HOST} ^perspectiverp.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.perspectiverp.com$
RewriteRule ^Home$ "https://www.perspectiverp.com/forums/" [R=301,L]
RewriteCond %{HTTP_HOST} ^perspectiverp.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.perspectiverp.com$
RewriteRule ^/?$ "https://www.perspectiverp.com/forums/" [R=301,L]
我的网站将始终通过 https://连接到该网站,除非直接告诉它这样做,例如 http://perspectiverp.com/forums/。我的问题是,由于我的一般连接是通过 https://用户仍然可以通过 http://进行连接,这是一个主要的安全漏洞。我基本上需要它类似于谷歌的系统如何自动将 http://重定向到 https://,即使用户试图在网址中更改它
例如,如果用户尝试将其更改为*http:/ww.google.com/,则 http:/ww.google.com/会被重定向到 https:/ww.google.com/?gws_rd=ssl。
至于任何想知道论坛软件是什么的人,我目前正在使用Invision Powers Community Suit的许可版本。
//更新第一次尝试结果是"网页有重定向循环">
RewriteOptions inherit
RewriteEngine on
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /forums/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .(jpeg|jpg|gif|png)$ /forums/public/404.php [NC,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /forums/index.php [L]
</IfModule>
<Files 403.shtml>
order allow,deny
allow from all
</Files>
RewriteCond %{HTTPS} =off
RewriteRule ^ https://www.perspectiverp.com%{REQUEST_URI} [R,L]
RewriteCond %{HTTP_HOST} ^(www.)?perspectiverp.com$ [NC]
RewriteRule ^(home)?$ https://www.perspectiverp.com/forums/ [R=301,NC,L]
第二次尝试结果是"网页具有重定向循环">
RewriteOptions inherit
RewriteEngine on
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /forums/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .(jpeg|jpg|gif|png)$ /forums/public/404.php [NC,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /forums/index.php [L]
</IfModule>
<Files 403.shtml>
order allow,deny
allow from all
</Files>
RewriteCond %{HTTPS} =off
RewriteRule ^ https://www.perspectiverp.com%{REQUEST_URI} [R,L]
RewriteCond %{HTTP_HOST} ^(www.)?perspectiverp.com$ [NC]
RewriteRule ^home$ https://www.perspectiverp.com/forums/ [R=301,NC,L
第三次尝试结果是"网页有重定向循环">
RewriteOptions inherit
RewriteEngine on
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /forums/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .(jpeg|jpg|gif|png)$ /forums/public/404.php [NC,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /forums/index.php [L]
</IfModule>
<Files 403.shtml>
order allow,deny
allow from all
</Files>
RewriteCond %{HTTPS} =off
RewriteRule ^ https://www.perspectiverp.com%{REQUEST_URI} [R,L]
RewriteCond %{HTTP_HOST} ^perspectiverp.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.perspectiverp.com$
RewriteRule ^home$ "https://www.perspectiverp.com/forums/" [R=301,L]
RewriteCond %{HTTP_HOST} ^perspectiverp.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.perspectiverp.com$
RewriteRule ^Home$ "https://www.perspectiverp.com/forums/" [R=301,L]
RewriteCond %{HTTP_HOST} ^perspectiverp.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.perspectiverp.com$
在最后三个 https://重写规则之前添加以下内容。
RewriteCond %{HTTPS} =off
RewriteRule ^ https://www.perspectiverp.com%{REQUEST_URI} [R,L]
一旦一切按预期工作,R
更改为上面的R=301
。另外,请注意我的重写规则中的 URL 如何不引用和转义任何正斜杠,因为它不是必需的。
您也可以将最后三个规则替换为以下规则:
RewriteCond %{HTTP_HOST} ^(www.)?perspectiverp.com$ [NC]
RewriteRule ^(home)?$ https://www.perspectiverp.com/forums/ [R=301,NC,L]
NC
标志使规则不区分大小写,因此home
和Home
两者将匹配。?
使前面的组()
可选;因此,RewriteCond
适用于www
和不使用它,并且RewriteRule
也与/
匹配。
我强制 https://通过反向代理服务器(Cloudflare(,并且能够强制我的网站仅接受 https://流量。