http 和 https 重定向和 HSTS 配置
通用重定向到 https :
# Enable Rewrite engine
RewriteEngine on
# Check if URL does not contain https
RewriteCond %{HTTPS} off [NC]
# If condition is true, redirect to https
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R=301,L]
通用重定向到 http :
# Enable Rewrite engine
RewriteEngine on
# Check if URL does contain https
RewriteCond %{HTTPS} on [NC]
# If condition is true, redirect to http
RewriteRule (.*) http://%{SERVER_NAME}/$1 [R=301,L]
强制 HTTPS 连接(HSTS):
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
</IfModule>
其中,如果 HSTS 仅应用于基本域,或者应用于具有上述配置的域,则可以删除 includeSubDomains
选项。