http to https redirect infinite loop problem

If you want to force SSL on your website and for some reason you can’t do it directly in the vhost config, there are 3 ways to do it in .htaccess.
Chances are you have good hosting and all 3 will work for you (for example on your own VPS). But some hostings run without mod_ssl, or sit behind load balancers, and there some of these generic rules, which work for 99% of people out there, will end up in an endless loop.

Best to try all 3 of them, one by one and see which one works for you.

htaccess ssl redirect by %{HTTPS} variable

1st version – the most basic, works on most hostings

<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{HTTPS} off
	RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

htaccess ssl redirect by port number

2nd version – if the server is using Apache without mod_ssl, the %{HTTPS} value will always be ‘off’, and therefore the rule above will cause an infinite loop. Use this version instead – it checks the server port instead of the %{HTTPS} variable.
It works great on websupport.sk

<IfModule mod_rewrite.c>
	RewriteEngine On
	# Redirect only requests that arrived on the plain HTTP port
	RewriteCond %{SERVER_PORT} ^80$
	RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

htaccess https redirect infinite loop

3rd version – if both versions above end in an infinite loop, chances are your hosting is using some kind of load balancer.
Try this version then:

<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{HTTP:X-Forwarded-Proto} !https
	RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
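
Why each version loops or works depends on what Apache sees after the redirect. The following Python model is an added example, not code from the original post: it follows the 301s for each of the three conditions in three assumed hosting setups (the environment names and values are assumptions, and the port rule is modelled as redirecting requests that arrive on port 80).

```python
# Added illustration, not the author's code. All environment values are assumptions.
# What Apache sees for a request, keyed by the scheme the browser used:
# (%{HTTPS}, %{SERVER_PORT}, X-Forwarded-Proto header or "" when absent)
ENVIRONMENTS = {
    "direct_mod_ssl": {"http": ("off", 80, ""), "https": ("on", 443, "")},
    # The page's 2nd case: %{HTTPS} is always "off"; assumed the port still differs.
    "no_mod_ssl": {"http": ("off", 80, ""), "https": ("off", 443, "")},
    # TLS ends at the balancer; Apache only ever sees plain HTTP on port 80.
    "load_balancer": {"http": ("off", 80, "http"), "https": ("off", 80, "https")},
}

# Each rule returns True when its RewriteCond matches and the 301 is sent.
RULES = {
    "https_var": lambda https, port, xfp: https == "off",
    "server_port": lambda https, port, xfp: port == 80,
    # "!https" is an unanchored, negated pattern: true when "https" is absent.
    "x_forwarded_proto": lambda https, port, xfp: "https" not in xfp,
}


def follow(rule, env, scheme="http", max_hops=10):
    """Follow the redirects like a browser and report where the client ends up."""
    for _ in range(max_hops):
        if not RULES[rule](*ENVIRONMENTS[env][scheme]):
            return "ok" if scheme == "https" else "stays_http"
        scheme = "https"  # the RewriteRule always sends the client to https://
    return "loop"  # still being redirected after max_hops


def matrix():
    """Outcome of every rule in every environment, starting from http://."""
    return {(r, e): follow(r, e) for r in RULES for e in ENVIRONMENTS}


if __name__ == "__main__":
    for (rule, env), result in matrix().items():
        print(f"{rule:18} {env:15} {result}")
```

In this model the X-Forwarded-Proto version loops wherever nothing in front of Apache sets that header. Because the header comes from the request, rely on it only where the load balancer overwrites whatever the client sent.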

Laravel force ssl

If you are doing this on a Laravel project, make sure you put this in the root folder. Very often your root folder will have a 4-line htaccess file which redirects everything into the public folder. That’s where you need to put this. Do not put http->https rules into the public folder’s htaccess, unless that is your root folder as well (on a VPS, for example).

Free SSL certificate – how to

Two words – Let’s Encrypt!
Assuming you already have an Ubuntu LAMP stack set up, you just need to install Certbot to manage your SSL certificates.

Installation of Certbot – SSL manager

wget https://dl.eff.org/certbot-auto
chmod a+x ./certbot-auto
./certbot-auto --help

... you should get some meaningful output.
Now that you have a way to manage your certificates, it’s time to get one!

Usage

Assuming you have virtual hosts set up, such as example.com, and you are using Apache, just run the following command:

./certbot-auto --apache -d example.com

You need to be in the directory where you’ve extracted certbot.
You can do multiple domains at once:

./certbot-auto --apache -d example.com -d nocookies.example.com

How it works

Certbot will obtain a new certificate from https://letsencrypt.org, detect the vhost configuration on your Apache and create a copy of that config with SSL enabled.

You can find the certificates in this directory:

/etc/letsencrypt/live/phpsolved.com/

If you run the command for the first time, you’ll be asked to provide your email address and accept the terms and conditions.
You also need to renew the certificate every 90 days – you can do that by issuing the following command:

./certbot-auto renew

If you want a certificate for both the non-www and www versions of your domain (for the redirect), you need to specify both at once, e.g.:

./certbot-auto --apache -d example.com -d www.example.com

If you run them as 2 separate commands, it won’t work properly.
This is wrong:

./certbot-auto --apache -d example.com
./certbot-auto --apache -d www.example.com

Unlike other certificates, such as StartSSL, this one actually works. If you use StartSSL, you won’t get the ‘green icon’ in all browsers, see https://bugzilla.mozilla.org/show_bug.cgi?id=994033.

Sources:
https://github.com/certbot/certbot
https://letsencrypt.org/getting-started/