tags:

views:

911

answers:

4
+1  Q: 

.htaccess 301 redirect for all https to http EXCEPT ONE PAGE

Here is the code I have currently in my .htaccess file:

Options +FollowSymLinks 
RewriteEngine on
RewriteBase / 
RewriteCond %{HTTP_HOST} ^example.com [NC] 
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

I know jack about rewrites...and all of the other posts on this subject really don't fit my criteria and I don't know enough about the language to try and decipher it.

Basically what I need is this:

  1. redirect all instances of "example.com" to "www.example.com"
  2. redirect all instances of "https//www.example.com" to "http://www.example.com" with the exception of 1 page!!!! (in case it matters, the filename of that page is payments.php)

The code I have above works, but for the 1 page that I need to be https, it is rewriting the url to http. That one page has to be https.

Thanks, Chris

A:  
# Rewrite Rules for example.com
RewriteEngine On
RewriteBase /

# Redirect from example.com to www.example.com
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]

# Disable SSL on pages other than payments.php
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^payments\.php$
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]

# Require SSL on payments.php
RewriteCond %{HTTPS} !on
RewriteCond %{REQUEST_URI} ^payments\.php$
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]

I haven't tested it but something like that should work

Edit: Updated

William  2010-01-16 21:54:18
This is still allowing all other pages to be https (not rewriting them to http).This is not rewriting http://www.example.com/payments.php to https://www.example.com/payments.phpThe first redirect is still working.I see what you're getting at.....and it looks to be right....it's just not working. Any other ideas?Thanks,Chris
dell116  2010-01-16 22:15:53
I've tuned your code a bit. One issue is, though, that it requires to accept both example.com and www.example.com certificates.
St.Woland  2010-01-16 22:39:07
A: 

in addition to william's great solution, you can negate request uri somewhere before https rewriterule

RewriteCond %{REQUEST_URI} !^/?payments\.php
jspcal  2010-01-16 22:08:52
A: 

Apache/2.2.6 (Win32) mod_ssl/2.2.8 OpenSSL/0.9.8g PHP/5.2.6

I've tested it locally, all use cases seem to work fine. If you have further questions, feel free to ask.

# Rewrite Rules for example.com
RewriteEngine On
RewriteBase /

# Redirect from example.com to www.example.com
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

# Turn SSL on for payments
RewriteCond %{HTTPS} off
RewriteCond %{SCRIPT_FILENAME} \/payments\.php [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

# Turn SSL off everything but payments
RewriteCond %{HTTPS} on
RewriteCond %{SCRIPT_FILENAME} !\/payments\.php [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]

IMPORTANT! When the user navigates from any https page with www to any https page without www, he's asked to accept security certificate of your non-www domain.

For example (YES = request to accept the certificate, NO - opposite):

1) https://www.asdf.com/payments.php - YES (www.asdf.com)
2) http://www.asdf.com/phpinfo.php - NO
3) https://asdf.com/phpinfo.php - YES (asdf.com)
4) https://www.asdf.com/phpinfo.php - NO

I tried to reorder rules in .htaccess with no success. If anyone finds a better solution, it'll be highly appreciated.

St.Woland  2010-01-16 22:37:10
Thank you! It works perfectly. In the meantime, I'd like to read into this type of stuff a little more. Do you have any good suggestions?
dell116  2010-01-16 23:05:55
You may always read the manual ;) http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html
St.Woland  2010-01-16 23:10:51
A: 

That was a nice post and it seems to redirect to http properly but i want some thing like the following

RewriteCond %{HTTP_HOST} ^site\.com
RewriteRule (.*) http://www.site.com/$1 [R=301,L]

#RewriteCond %{SERVER_PORT} !^443$
#RewriteRule ^products https://www.site.com/products/ [R=301,L]

# Disable SSL on pages other than payments.php
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^products
RewriteRule ^(.*)$ http://www.site.com/$1 [R=301,L]

# Require SSL on payments.php
RewriteCond %{HTTPS} !on
RewriteCond %{REQUEST_URI} ^products\/?$
RewriteRule ^(.*)$ https://www.site.com/$1 [R=301,L]


RewriteCond $1 !^(index\.php|images|js|css|static|img|payment|robots\.txt|blank.gif)
RewriteRule ^(.*)$ index.php/$1 [L]

my url is http://www.sitename.com and the trailing forward slash is optional what i need is if there is no text like products in the url then it needs to he http:// and if there is a string products in the uri then it should be https://

how to do that... when i tried it is going to a loop... redirection loop.

i am using codeigniter frame work and i have removed index.php from the url.

so if something like http://sitename.com/products occurred then i want it to be https://sitename.com/products

and if there no products in the url then it should redirect to http://

Jayapal Chandran  2010-08-02 09:52:18

related questions

How do I add a MIME type to .htaccess?
Difference between the Apache HTTP Server and Apache Tomcat?
How do I support SSL Client Certificate authentication?
Why can't I connect to my CAS server with Perl's AuthCAS?
Cleanest & Fastest server setup for Django
Installing Apache Web Server on 64 Bit Mac
Running Apache alongside another web server?
Algorithm behind MD5Crypt
Can you compile Apache HTTP Server and redeploy its binaries to a different location ?
mod_rewrite rule to redirect all requests except for one specific path
How do I create a self signed SSL certificate to use while testing a web app.
Software for Webserver Log Analysis?
What is the difference between an endpoint, a service, and a port when working with webservices?
What are the proper permissions for an upload folder with PHP/Apache?
mod_rewrite to alias one file suffix type to another
How do you redirect HTTPS to HTTP?
Using mod_rewrite to Mimic SSL Virtual Hosts?
User authentication on Resin webserver
How do you set up Python scripts to work in Apache 2.0?
Block user access to internals of a site using HTTP_REFERER
.htaccess directives to *not* redirect certain URLs
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP