Issue With Loopback After Converting Site To Https

Hi Guys,

a few weeks ago we started to use a few lines in the .htaccess to start changing all the traffic, links etrc from http:// to https://



Now when we look back over the logs we are seeing this error:



[color=#808080][quote][error] [client 115.141.210.64] Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., referer: [/color][url=“https://www.domain.com.au/”][color=#808080]https://www.domain.com.au/[/color][/url][color=#808080][/quote][/color]



On another note, this error appears at the same time… so i wonder if this one has anything to do with it ?



[color=#808080][quote][font=Consolas, Monaco,][Thu Mar 19 10:04:57 2015] [error] [client 66.87.150.146] FastCGI: server “/dev/shm/motiondy-php.fcgi” stderr: Primary script unknown, referer: https://domain.com.au[/font][/quote][/color]





Our hosting provider has told us that the error is most likely in the .htaccess file but everything in that file is pretty much stock except for the 2 lines we added for the http->https redirect below



RewriteCond %{HTTPS} !=on

RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L,NE]



I am posting the file below, if anyone can see where there might be a problem or point us in the right direction to fix this, your assistance would be appreciated!













DirectoryIndex index.html index.php

Header append Vary: Accept-Encoding
Header set X-Content-Type-Options "nosniff"

order allow,deny
deny from all

FileETag None

Header set Access-Control-Allow-Origin "*"


Header unset ETag
ExpiresActive on
ExpiresDefault "access plus 1 month"
#CSS
ExpiresByType text/css "access plus 1 year"
#Data interchange
ExpiresByType application/json "access plus 0 seconds"
ExpiresByType application/ld+json "access plus 0 seconds"
ExpiresByType application/vnd.geo+json "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType text/xml "access plus 0 seconds"
#Favicon (cannot be renamed!) and cursor images
ExpiresByType image/x-icon "access plus 1 year"
#HTML components (HTCs)
ExpiresByType text/x-component "access plus 1 month"
#HTML
ExpiresByType text/html "access plus 1 month"
#JavaScript
ExpiresByType application/javascript "access plus 1 year"
#Manifest files
ExpiresByType application/manifest+json "access plus 1 year"
ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
ExpiresByType text/cache-manifest "access plus 0 seconds"
#Media
ExpiresByType audio/ogg "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType video/mp4 "access plus 1 month"
ExpiresByType video/ogg "access plus 1 month"
ExpiresByType video/webm "access plus 1 month"
#Web feeds
ExpiresByType application/atom+xml "access plus 1 hour"
ExpiresByType application/rss+xml "access plus 1 hour"
#Web fonts
ExpiresByType application/font-woff "access plus 1 month"
ExpiresByType application/font-woff2 "access plus 1 month"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
ExpiresByType application/x-font-ttf "access plus 1 month"
ExpiresByType font/opentype "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
#CSS w/gzip

ExpiresDefault "access plus 1 year"
ForceType text/css
Header set Content-Encoding: gzip
Header set Cache-control: private

#JavaScript w/gzip

ExpiresDefault "access plus 1 year"
ForceType text/javascript
Header set Content-Encoding: gzip
Header set Cache-control: private




AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml


#Redirects go here
RewriteEngine on
Options -MultiViews
AddEncoding gzip .gz
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_FILENAME} \.(js|css)$
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}.gz -f
RewriteRule ^(.*)$ $1.gz [QSA,L]
RewriteCond %{REQUEST_URI} ^api/(.*)$ [or]
RewriteCond %{REQUEST_URI} .*/api/(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .*api/(.*)$ api.php?_d=$1&ajax_custom=1 [L,QSA]
RewriteCond %{REQUEST_URI} \.(png|gif|ico|swf|jpe?g|js|css|ttf|svg|eot|woff|yml|xml)$ [or]
RewriteCond %{REQUEST_URI} store_closed.html$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*?)\/(.*)$ $2 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L,QSA]
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L,NE]

if you need to move whole store to HTTPS, please check this article - CS-Cart Documentation — CS-Cart 4.15.x documentation



hope it helps

my store is full https and my .htaccess just needed


# RewriteBase /
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.your web address here.com/$1 [R=301,L,NE]




Not is has to be positioned under #rewritebase/ and replace with your web address

Hey Guys, Thanks for the feedback, I appreciate your thoughts, ideas and suggestions!



W$A,

I've already made all the changes suggested in the article. But it didn't fix the issue of the loopback.



Johnbol1, I was originally using (code below)



RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L,NE]




And I changed it to the one you suggested. Seems to be pretty much the same thing (at least it does exactly the same thing). I'm not really sure of the differences, but either way it doesn't seemed to have helped.

Also, I don't have a Rewritebase / in my htaccess. I don't know why considering the whole file is stock (i've never changed anything on it)



Anybody else have any suggestions? I'm kinda stumped here!

Far from the original. Here is the 4.2.4 htaccess file:


```php DirectoryIndex index.html index.php









AddEncoding gzip .gz

RewriteCond %{REQUEST_FILENAME} .(js|css)$

RewriteCond %{HTTP:Accept-encoding} gzip

RewriteCond %{REQUEST_FILENAME}.gz -f

RewriteRule ^(.)$ $1.gz [QSA,L]





.css.gz$>



Header unset ETag

FileETag None

ExpiresActive On

ExpiresDefault “access plus 1 year”





ForceType text/css

Header set Content-Encoding: gzip

Header set Cache-control: private





.js.gz$>



Header unset ETag

FileETag None

ExpiresActive On

ExpiresDefault “access plus 1 year”





ForceType text/javascript

Header set Content-Encoding: gzip

Header set Cache-control: private







Header set Access-Control-Allow-Origin "
"









RewriteEngine on

Please note that RewriteBase setting is obsolete use it only in case you experience some problems with SEO addon.

Some hostings require RewriteBase to be uncommented

Example:

Your store url is http://www.yourcompany.com/store/cart

So “RewriteBase” should be:

RewriteBase /store/cart

RewriteBase /

Options -MultiViews



RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]



RewriteCond %{REQUEST_URI} ^api/(.)$ [or]

RewriteCond %{REQUEST_URI} .
/api/(.)$

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule .api/(.)$ api.php?_d=$1&ajax_custom=1 [L,QSA]



RewriteCond %{REQUEST_URI} .(png|gif|ico|swf|jpe?g|js|css|ttf|svg|eot|woff|yml|xml)$ [or]

RewriteCond %{REQUEST_URI} store_closed.html$

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule ^(.
?)/(.*)$ $2 [L]



RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . index.php [L,QSA]





```

When adding RewiteCond for HTTPS it should be the first RewiteCond not the last - so place it under the Options -MultiViews line.

Hmm… thanks guys. I was a little shocked at the amount of changes to the .htaccess, i mean from the one the tool postred to the one I use…wow…just wow… So now I'm wondering what changed the htaccess???

We certainly haven't touched it… Could it have been the service provider I wonder?





The Tool - Thanks for that, I'm going to attempt to merge the one you posted, cheers!

Aircomms, thanks I'll, fix that right now!

Interestingly, the .htaccess The Tool posted is much slower than my original one.

Gtmetrix consistently measures both of these (after multiple tests):



my original one at Page Speed Grade 63% (D) Page Load Time 85% (B)

The Tools Original Page Speed Grade 56% (E) Page Load Time 78% (C)



So my guess is that the host has optimized the site for higher performance!

they did, its gzipped for a start, but did the loopback now solve ts self?



John

Its still there… Have asked cs-cart to look into it

you guys missed BIG ISSUE. I WILL LET YOU KNOW EASY WAY



CHROME (F12) LOOK… CS-CART MAIN PROBLEM IS server response time. for open speed.



means WHEN someone click address ““click”” server response ,but cscart always takes loooooooooooong "“waiting (TTFB)”"NORMALLY CSCART — 250MS ~~~~1.2S …it should be under 90ms on same server situation

if you can not accept it… you can test it on your country with cscart and famous site



CSCART SERVER WAITTING TIME ALWAYS LATE ----------SO IT'S CAN NOT BE GLOBAL FOREVER.