Matt Biscay

A dark gray background features the text "WWW" on the left and "NON-WWW" on the right. A teal arrow points from "WWW" to "NON-WWW," indicating a transition or conversion from a website starting with "WWW" to one without it.

Apache : redirect www to non-www and HTTP to HTTPS

By Leave a Comment

As HTTPS is increasingly adopted as the default connection protocol for websites and applications, a few challenges have emerged for developers and system administrators, such as the need to consolidate a canonical domain by redirecting non-HTTP sites to HTTPS, in addition to redirecting www to non-www host name (or vice-versa).

Using the Apache server configurations, I’ll show you how to redirect a site from WWW to non-WWW (or viceversa) and from HTTP to HTTPS.

How to edit the Apache configuration

You can edit the Apache configuration directly into the domain’s VirtualHost (if you have this level of configuration and access) or into the .htaccess file sitting at the root of your site.

Redirect www to non-www (with HTTPS)

This snippet redirects the www version to the non-www version, with HTTPS: 

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]

Redirect non-www to www (with HTTPS)

This snippet redirects the non-www version to the www version, with HTTPS: 

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [L,NE,R=301]

How it works

RewriteEngine On enables the Apache runtime rewriting engine, required to perform the redirect. You may have already enabled it in a previous config in the same file. If that’s the case, you can skip that line.

RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]

These two lines are are the redirect conditions, they are used to determine if the request should be redirected. Because the conditions are joined with an [OR], if any of these two conditions returns true, Apache will execute the rewrite rule and redirect the page.

The first condition determines if the request is using a non-HTTPS URL. The second condition determines if the request is using the www URL. Notice that I used www\. and not www., because the pattern is a regular expression and the dot character (.) has a special meaning here, hence it must be escaped.

RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]

The forth line is a convenient line I used to avoid referending the hostname directly in the URL. It matches the HOST of the incoming request, and decomposes it into www part (if any), and rest of the hostname. We’ll reference it later with %1 in the RewriteRule.

The RewriteRule is the heart of the redirect. With this line we tell Apache to redirect any request to a new URL, composed by:

    https://www.
    %1: the reference to the non-www part of the host
    %{REQUEST_URI}: the URI of the request, without the hostname

All these tokens are joined together, and represents the final redirect URI. Finally, we append 3 flags:

    NE to not escape special characters
    R=301 to use the HTTP 301 redirect status
    L to stop processing other rules, and redirect immediately

Note: my example uses an extra RewriteCond line to extract the host name, and avoid to inline the hostname in the rule. If you feel this is a performance penalty for you, you can inline the host directly in the rule:

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^ https://example.com%{REQUEST_URI} [L,NE,R=301]

Conclusion

This articles provides a simple configuration to redirect www and non-HTTPS requests to the canonical HTTPS site domain. This is very useful to avoid content duplication issues with search engines, and offer an improved experience to your users.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *