SSL -- Refresh and/or Redirect Code Needed for Internet Explorer, Cannot have www
In the following text, where I write, "mydomain," I do change it to my actual domain name in the code/scripts.
Here is my issue. I recently purchased a security certificate for my hosting account with a few add-on domains in the one hosting account. When I try to access my few websites, no matter what I type in (mydomain.com, https://mydomain.com, or http://www.mydomain.com), they work on all browsers except Internet Explorer. I believe it might be a caching issue on some computers, but I'm not sure. I also know the www being there is a problem.
What happens is if someone types in http://www.mydomain.com, Internet Explorer shows a screen that it is not secure and the person should not go to the website. It seems that all other browsers are finding the new secure site just fine, no matter what is typed in, probably due to my .htaccess file. I know Internet Explorer is no longer supported, but lots of people still use it, so I need the websites to work on Internet Explorer.
I was using this in my .htaccess file, but it is still not working with Internet Explorer:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
The hosting person I talked with (where I bought the SSL certificate) told me that .htaccess file will not work for my issue with Internet Explorer. She told me that I either need to put both mydomain.com and www.mydomain.com in the SANs or find a script that tells a web browser to get rid of the "www" if someone types it in. Most people go to http://www.mydomain.com (with the www) and it does not work on Internet Explorer given I did not put the www with my SANs. If they type in https://mydomain.com on Internet Explorer, it does work.
The easy route would be to add mydomain.com and www.mydomain.com to the SANs, but then I will use two SANs per domain, and that would mean I would need to buy another security certificate, which is not something I can or want to do at this time.
I did try adding this code, hoping it would rid the home page of the www, but then it was either producing other errors, doubling the domain name in the address bar, or going to a non-secure http://www version of the website, so maybe I have duplicated something or written something wrong (or maybe my browser is caching old things now, too), but this is all confusing me for some reason:
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{SERVER_PORT} 25
RewriteCond %{HTTP_HOST} ^www.mydomain.com [NC]
RewriteRule ^(.*)$ https://mydomain.com/$1 [R=301,L]
Does anyone know the code I can use so that no matter what a person types into the address bar, they will be taken to https://mydomain.com?
Otherwise, does anyone know a "refresh" code, because when I put in <META HTTP-EQUIV="refresh" CONTENT="7; URL=https://mydomain.com">, it cleared out the cache and made the browser go to the secure URL when also using the write conditions I first mentioned above in an .htaccess file. The only problem with that refresh code is that it refreshes the page every 7 seconds. I need it to refresh just once. So if I had refresh code that only activated one time and redirected to the secure site, I think that might solve the whole problem. Do you know what simple refresh code I could use to get the website to refresh one time only? (Redirect code did not seem to work, probably because there was no refresh code with it.)
I would greatly appreciate any help. Thanks!
CSS Codes
Reply With Quote
I figured it out
Bookmarks