Force https using htaccess

Silverstripe 4

I am trying to force SSL on my silverstripe site by adding rules to my htaccess however none of the normal rewrite rules seem to be working as expected. I’ve tried everything from these posts:

but nothing seems to be working.

I’m adding the redirect rules to the htaccess found in the public folder and haven’t touched the one in the root.

The rewrite rules in my htaccess currently look like this and for some reason it just redirects every request to

<IfModule mod_rewrite.c>

    # Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
    <IfModule mod_dir.c>
        DirectoryIndex disabled
        DirectorySlash On

    RewriteEngine On

    	# Cached content - sub-pages (site in the root of a domain)
    	RewriteCond %{REQUEST_METHOD} ^GET|HEAD$
    	RewriteCond %{QUERY_STRING} ^$
    	RewriteCond %{REQUEST_URI} /(.*[^/])/?$
    	RewriteCond %{DOCUMENT_ROOT}/public/cache/%1.html -f
    	RewriteCond %{REQUEST_FILENAME} !-f
    	RewriteRule .* /public/cache/%1.html [L]

    # Enable HTTP Basic authentication workaround for PHP running in CGI mode
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Deny access to potentially sensitive files and folders
    RewriteRule ^vendor(/|$) - [F,L,NC]
    RewriteRule ^\.env - [F,L,NC]
    RewriteRule silverstripe-cache(/|$) - [F,L,NC]
    RewriteRule composer\.(json|lock) - [F,L,NC]
    RewriteRule (error|silverstripe|debug)\.log - [F,L,NC]
    # Force HTTPS Rules
    RewriteCond %{HTTPS} !=on
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
    # Process through SilverStripe if no file with the requested name exists.
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule .* index.php

Is your server set up with the document root pointing at / or at /public

If it’s pointing at / then you might be better off just moving your https redirection into the top-level htacess file. If not, then something else weird is going on :grinning_face_with_smiling_eyes: