I am going back and forth with this and figured at this point I should ask for opinions/help. I want to redirect people coming into my site that are not using www to the www version as well as change it to https so the whole site is secure from the beginning. I have a cart but since there will be coupons generated with URL links users might be coming in from different areas and I just want to ensure that everything is as secure as I can get it. Is this wrong/overkill?
RewriteEngine On
RewriteCond %{HTTPS} !^on$
RewriteRule (.*) https://domainname.com/$1 [R,L]
RewriteCond %{HTTP_HOST} !^www.domainname.com$ [NC]
RewriteRule ^(.*)$ https://www.domainname.com/$1 [L,R=301]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
I also have several links on the site that go to the checkout page as absolute urls with the https in them as well as a php redirect to https located at the top of the checkout page.
I feel this might be over doing it or maybe im just wrong so I figured I would ask to be safe.
