Forcing SSL through .htaccess



redhost
07-02-2009, 05:16 PM
Hi,

I came up with the following entries to the file .htaccess.

Would you please take a look at it and let me know if something is not right or one line conflicts with another?

My primary goal is not to allow insecure (http) access to the website (including the phpBB board).

Also, I am not sure when to use "www" or not use it in these entries for the .htaccess file (see below).

Here we go:
---------------------------------------------------------------------------
# Use PHP5 as default
AddHandler application/x-httpd-php5 .php

# Do not allow browsing folders without index.html file
Options -Indexes

# Force SSL access
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

# Fixing double-login problem and making sure authorization usernames and passwords are not sent in cleartext unencrypted.
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "example.com"
ErrorDocument 403 https://example.com
---------------------------------------------------------------------------

Thanks,
redhost

bh_WP_fan
07-03-2009, 10:49 AM
You can use code like this to force a redirect to https:


RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://www.domain.de/folder/$1 [L,R]

The redirect code you currently have doesn't look like it will work.

redhost
07-03-2009, 03:58 PM
Thank you for the correction,
for the rewrite rule, should I use [L,R] or [L,R=301]?
(I know that the R by itself means R=302, I just don't know which switch to apply in the scenario of redirecting http to https)
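
Added example, not part of any post in this thread: the first post's entries with a single host name used throughout, since that post redirects to www.example.com but then requires the host to equal example.com. Choosing www.example.com as the canonical host and R=301 as the redirect status are assumptions made for illustration.

```apache
# Added example; www.example.com is a placeholder for the site's canonical host.
RewriteEngine On

# Test the connection itself rather than the port number, so the rule does
# not depend on which port the plain-HTTP listener uses.
RewriteCond %{HTTPS} !=on

# Send every plain-HTTP request to the same path on the canonical HTTPS host.
# R alone means 302 (temporary); R=301 marks the redirect as permanent, and
# browsers cache it, so keep R while testing and switch to R=301 afterwards.
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]

# Refuse any request that still arrives without SSL.
SSLOptions +StrictRequire
SSLRequireSSL

# The host check names the same host the redirect points to. With
# "example.com" here, requests for www.example.com would be denied with 403.
SSLRequire %{HTTP_HOST} eq "www.example.com"

# A full URL as the 403 document makes Apache answer with a redirect to it,
# so it should point at the canonical host as well.
ErrorDocument 403 https://www.example.com/
```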