From 4fe0d78b206ea4218e4ca75200ae4e2fa62d9e63 Mon Sep 17 00:00:00 2001
From: Stefan Sterz <hi@sterzy.com>
Date: Fri, 7 Jul 2017 13:46:34 +0200
Subject: [PATCH] update .htaccess

---
 .htaccess | 64 +++++++++++++++++++++++++++++++------------------------
 1 file changed, 36 insertions(+), 28 deletions(-)

diff --git a/.htaccess b/.htaccess
index 818b46c..3f66192 100644
--- a/.htaccess
+++ b/.htaccess
@@ -2,41 +2,46 @@
 
 # rewrite rules
 <IfModule mod_rewrite.c>
-Redirect 301 /.well-known/carddav /owncloud/remote.php/carddav
-Redirect 301 /.well-known/caldav /owncloud/remote.php/caldav
+    # enable awesome urls. i.e.:
+    # http://yourdomain.com/about-us/team
+    RewriteEngine on
 
-# enable awesome urls. i.e.:
-# http://yourdomain.com/about-us/team
-RewriteEngine on
+    RewriteCond %{HTTPS} !=on
 
-# make sure to set the RewriteBase correctly
-# if you are running the site in a subfolder.
-# Otherwise links or the entire site will break.
-#
-# If your homepage is http://yourdomain.com/mysite
-# Set the RewriteBase to:
-#
-# RewriteBase /mysite
+    # redirect all trafic to https
+    RewriteCond %{ENV:HTTPS} !=on
+    RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
 
-# block text files in the content folder from being accessed directly
-RewriteRule ^content/(.*)\.(txt|md|mdown)$ index.php [L]
+    Redirect 301 /.well-known/carddav /owncloud/remote.php/carddav
+    Redirect 301 /.well-known/caldav /owncloud/remote.php/caldav
 
-# block all files in the site folder from being accessed directly
-RewriteRule ^site/(.*) index.php [L]
+    # make sure to set the RewriteBase correctly
+    # if you are running the site in a subfolder.
+    # Otherwise links or the entire site will break.
+    #
+    # If your homepage is http://yourdomain.com/mysite
+    # Set the RewriteBase to:
+    #
+    # RewriteBase /mysite
 
-# block all files in the kirby folder from being accessed directly
-RewriteRule ^kirby/(.*) index.php [L]
+    # block text files in the content folder from being accessed directly
+    RewriteRule ^content/(.*)\.(txt|md|mdown)$ index.php [L]
 
-# make panel links work
-RewriteCond %{REQUEST_FILENAME} !-f
-RewriteCond %{REQUEST_FILENAME} !-d
-RewriteRule ^panel/(.*) panel/index.php [L]
+    # block all files in the site folder from being accessed directly
+    RewriteRule ^site/(.*) index.php [L]
 
-# make site links work
-RewriteCond %{REQUEST_FILENAME} !-f
-RewriteCond %{REQUEST_FILENAME} !-d
-RewriteRule ^(.*) index.php [L]
+    # block all files in the kirby folder from being accessed directly
+    RewriteRule ^kirby/(.*) index.php [L]
 
+    # make panel links work
+    RewriteCond %{REQUEST_FILENAME} !-f
+    RewriteCond %{REQUEST_FILENAME} !-d
+    RewriteRule ^panel/(.*) panel/index.php [L]
+
+    # make site links work
+    RewriteCond %{REQUEST_FILENAME} !-f
+    RewriteCond %{REQUEST_FILENAME} !-d
+    RewriteRule ^(.*) index.php [L]
 </IfModule>
 
 # Additional recommended values
@@ -44,4 +49,7 @@ RewriteRule ^(.*) index.php [L]
 #
 # AddDefaultCharset UTF-8
 #
-# php_flag short_open_tag on
\ No newline at end of file
+# php_flag short_open_tag on
+
+RequestHeader set X-Forwarded-Proto https
+RequestHeader set X-Forwarded-Ssl on