Is there a difference between the following bits of code:
RewriteCond %{HTTPS} off
and
RewriteCond %{HTTPS} !on
Perhaps in how they handle null, or something? On the surface level they seem like they should work the same, but I've come across both variations in different sites's .htaccess files.
Perhaps in how they handle null, or something?
Well, yes, the expression !on will be successful if HTTPS was null, not set, or set to anything other than "on" (or rather, does not contain "on"). Whereas the expression off is only successful when HTTPS contains "off".
However, the important point here is that the HTTPS server variable is only ever set to "on" or "off" exactly (all lowercase). There would have to be something wrong with your server for this server variable not to be set at all or set to something else entirely.
So, whether off or !on is used in this context is really just personal preference.
See also my answer to the following question on the Webmasters stack: