Forcing HTTPS with .htaccess in CodeIgniter

Question

My existing .htaccess removes index.php from my URLs perfectly:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

#'system' can be replaced if you have renamed your system folder.
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ index.php/$1 [L]

#Checks to see if the user is attempting to access a valid file,
#such as an image or css document, if this isn't true it sends the
#request to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

#This last condition enables access to the images and css folders, and the robots.txt file
RewriteCond $1 !^(index\.php|(.*)\.swf|images|robots\.txt|css|docs|cache)
RewriteRule ^(.*)$ index.php/$1 [L]
</IfModule>

<IfModule !mod_rewrite.c>
# If we don't have mod_rewrite installed, all 404's
# can be sent to index.php, and everything works as normal.
ErrorDocument 404 /application/errors/404.php
</IfModule>

I need the entire site to run over SSL, and Pagoda Box, my hosting company, has a proprietary .htaccess edit to switch from http to https:

RewriteCond %{HTTP:X-Forwarded-Proto} = http
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R]

It only works if added at the end of the first conditional statement, and it works perfectly at that: it adds https to a naked URL and removes index.php.

However, if you select the s from https in the address bar and delete it, index.php comes back, plus the last segment of the URL is repeated. If I type the full url, beginning with http://, it redirects and works perfectly - only if I place the cursor in front of the s and delete it does the site break.

Any ideas on how to stop this new condition and rule from conflicting with my existing file?

Answer 1

For any CI/Pagoda Box users, here's what worked for me:

<IfModule mod_rewrite.c>
RewriteEngine On

RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]

RewriteBase /

#'system' can be replaced if you have renamed your system folder.
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ index.php/$1 [L]

#Checks to see if the user is attempting to access a valid file,
#such as an image or css document, if this isn't true it sends the
#request to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

#This last condition enables access to the images and css folders, and the robots.txt file
RewriteCond $1 !^(index\.php|(.*)\.swf|images|robots\.txt|css|js|docs|cache)
RewriteRule ^(.*)$ index.php/$1 [L]
</IfModule>

<IfModule !mod_rewrite.c>
# If we don't have mod_rewrite installed, all 404's
# can be sent to index.php, and everything works as normal.
ErrorDocument 404 /application/errors/404.php
</IfModule>

Notice that RewriteBase is after the https redirect, and the [L] to end processing.