https to http redirection when ssl is not installed

Question

We have a site which was https enabled. After a site revamp we have removed the certificate and https://www.foo.com is not http://www.foo.com.

There are many links in other sites, which link to th old https site, which we have no control. Is there something we can do in out side to redirect these links to home page atleast?

Will url rewriting work in this case?

There were some broken link which we fixed with a custom 404 page and tracking the links.

Does this belong to serverfault?

Answer 1

using mod_rewrite

# forces everything to non-secure if secure (http) 
RewriteCond %{SERVER_PORT} =443 
RewriteRule ^(.*)$ http://%{SERVER_NAME}/$1 [R,L]

Josh

Answer 2

You're pretty much out of luck - you can do URL rewriting as @Josh says, but before the browser even gets that far, most of them will give the user a big warning message telling them the SSL certificate isn't valid, which will put off most of the visitors.

I'd recommend buying an SSL certificate - they're not so expensive - then doing the rewrite.

Answer 3

The solution for IIS may be ISAPI_Rewrite 3. Here's the .htaccess:

RewriteBase /
RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]