htaccess advistory
Following is my suggested htaccess entries. I noticed a number of hits from libwww-perl in the raw logs so have added a block in case it was some kind of hacking (this was when the site was new(ish)).
Forcing use of the www ensures cookie paths are correct for domain wide cookies in '/'. This is more important for testing purposes (saves confusion if you have different accounts on the LTD and www) and is also beneficial for SEO.
Any non SSL requests are redirected to https too, this ensures encrypted communication at all times and avoids situations where a surfer forgets to add the S.
ErrorDocument 404 /404.php
# - block spam and hack bots
# - with default user agents.
SetEnvIfNoCase User-Agent "^libwww-perl*" block_bad_bots
Deny from env=block_bad_bots
# - Site redirection
Options +FollowSymLinks
Options +SymlinksIfOwnerMatch
# - Handle non www links
RewriteEngine on
RewriteCond %{HTTP_HOST} ^secure-portal.co.uk [NC]
RewriteRule ^(.*)$ https://www.secure-portal.co.uk/$1 [L,R=301]
# - Handle non ssl requests
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.secure-portal.co.uk/$1 [R,L]