Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Redirect visitors to a domain without affecting OpenID

You may want to redirect (HTTP 301) visitors from a site which acts as an OpenID endpoint. Of course, you don't want to break everything which relies on that OpenID endpoint.

There is no definitive way to tell whether the client is an OpenID client or a human visitor, but you can look for certain criteria which are usually signs that the client isn't a standard Web browser.

This set of .htaccess rules should accomplish this in most cases. I've put this together based on a few examples online plus my own testing with a few OpenID clients.

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} !openid [NC]
RewriteCond %{HTTP_USER_AGENT} !hs-HTTP [NC]
RewriteCond %{HTTP_USER_AGENT} !^$
RewriteCond %{HTTP_VIA} !rpxnow [NC]
RewriteCond %{HTTP_ACCEPT} !application/xrds+xml [NC]
RewriteRule ^$ http://new.example.com [R,L]
# Replace http://new.example.com above with the address to which you want to redirect.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment