"www" redirection


#1

I’m sure this is an old topic with an obvious solution –

How can I automatically redirect users who go to “www.xyz.com” to
xyz.com” instead?

My SSL certificate is for “xyz.com” so users get a scary error message
if they try to go to “www.xyz.com”.


#2

The easiest way to solve this I believe is to add the following
information to your .htaccess file:

Options +FollowSymlinks
RewriteEngine on
rewritecond %{http_host} ^xyz.com [nc]
rewriterule ^(.*)$ http://www.xyz.com/$1 [r=301,nc]

Lemme know if this does the trick for you!

On Oct 18, 6:12 pm, John C. removed_email_address@domain.invalid


#3

For SSL redirection even the .htaccess trick won’t work. The browser
sees https, so it will first ask for the SSL certificate which will
obviously fail as it is made for www.yoursite.com

The only way is to purchase an additional certificate for yoursite.com


#4

typo below – “httpx” in line 6 should be “https”.

John C. wrote:

one piece of good new is that my home page is http://xyz.com (ie, not
SSL’d). it’s when they go to http://www.xyz.com and then click Login
and so are directed to the secure page https://www.xyz.com/site/login
that there’s a problem.

http://xyz.com redirects to --> httpx://xyz.com/site/login GOOD!


#5

http://xyz.com redirects to --> https://xyz.com/site/login GOOD!

That’s not redirection, that’s simple URL generation.


#6

one piece of good new is that my home page is http://xyz.com (ie, not
SSL’d). it’s when they go to http://www.xyz.com and then click Login
and so are directed to the secure page https://www.xyz.com/site/login
that there’s a problem.

http://xyz.com redirects to --> httpx://xyz.com/site/login GOOD!
but
http://www.xyz.com redirects to --> https://www.xyz.com/site/login BAD!

can i get
http://www.xyz.com redirects to --> https://xyz.com/site/login GOOD!
without a new certificate?

Fernando P. wrote:

For SSL redirection even the .htaccess trick won’t work. The browser
sees https, so it will first ask for the SSL certificate which will
obviously fail as it is made for www.yoursite.com

The only way is to purchase an additional certificate for yoursite.com


#7

good point. wherever i say “redirects to” i should just say “links to”.

Fernando P. wrote:

http://xyz.com redirects to --> https://xyz.com/site/login GOOD!

That’s not redirection, that’s simple URL generation.


#8

So, I am nearly certain that Alex’s original solution will work but if I
wanted to solve this within rails and avoid mucking with server files
(which always scares little old me :slight_smile: ).

Is there a way to rewrite:
link_to(:controller=>‘site’, :action=>'login)
so it always links to
https://xyz.com/site/login
no matter if it is called from
http://xyz.com OR http://www.xyz.com

I’m thinking a helper called:
def link_to_without_www(options, html_options={})
[some really awesome code here]
end


#9

:host => request.host.sub(“www.”, “”)
may do what you want.

On Oct 18, 6:42 pm, Frederick C. removed_email_address@domain.invalid


#10

On Oct 18, 6:42 pm, Frederick C. removed_email_address@domain.invalid
wrote:

Have a look at the options that url_for takes

Fred

you’re right fred.


#11

On Sat, Oct 18, 2008 at 7:02 PM, John C.
removed_email_address@domain.invalid wrote:

I’m thinking a helper called:
def link_to_without_www(options, html_options={})
[some really awesome code here]
end

link_to, image_tag, etc, generate absolute paths without host by
default. That is “/products/32” for example. In that case the browser
knows it has to request that path from the same domain of the
containing page. That’s why you can write an application with no
assumption or configuration about its domain and run it in different
machines such as your laptop and your production server.

So, in your case, if you get your domain right the rest of the
application just works in general terms without touching any helper.

You could perhaps write a high-priority filter. That filter says: if
the host of this request starts with “www”, remove that and redirect
to the same URL in the resulting domain (in this case you do explicit
the domain).


#12

On 18 Oct 2008, at 18:02, John C. <rails-mailing-list@andreas-
s.net> wrote:

no matter if it is called from
http://xyz.com OR http://www.xyz.com

Have a look at the options that url_for takes

Fred


#13

Thanks all. This was a great discussion.

In my opinion, editing the “.htaccess” file is the most elegant, direct
solution. However, given my stated phobia of editing server files, I
looked at all of your comments and ended up with this working solution:

class ApplicationController < ActionController::Base

before_filter :redirect_www

private

def redirect_www
  begin
    if request.host.include?("www.")
      redirect_to(params.merge(:host=>request.host.sub('www.','')))
    end
  rescue
  end
end

end

Some Notes –

1 I considered applying the filter only to my home page but I
occasionally have users who link to other pages so I added it to the
whole application even though it is a little more overhead (the filter
is applied to every request). Fortunately the overhead is whittled all
the way down to the boolean “if request.host.include?(“www.”)” which can
only be true once per session (the first page load).

2 I pre-emptively wrapped the code with “begin/rescue/end” because I’ve
encountered strange errors in the past where the request is nil and so
request.host would give a NoMethod error – but, that’s rare and this
may not be necessary here.

3 The solution does not apply to initial “https” requests because as
noted above the browser performs the certificate check prior to my
filter being able to substitute the “www.”. Fortunately, my home page
is http so once the home page has applied the filter to
http://www.xyz.com all subsequent clicks on the site will omit the
“www.”

Thanks for all your help – this was a highly successful thread for me
and I hope it helps others. :slight_smile:

Regards,
John C.