tags:

views:

174

answers:

2
+1  Q: 

How do I switch between http and https in .htaccess?

I know this question has been asked several different ways and I've looked/tried many of the suggestions, but not getting anywhere.

I have a site that's mixed http and https where everything /customer and /cart including any subdirectories are https and the rest is http. I'm having a problem with it actually going to https, seems as though it goes to https and right back to http with this.

RewriteEngine On

#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteRule (.*) /public.php?debug=%{SERVER_NAME} [NS,QSA,L]

# Redirect to HTTPS if /cart or /customer
RewriteCond %{REQUEST_URI} ^/cart.*
RewriteCond %{REQUEST_URI} ^/customer.*
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R]

# go back to regular http if not in secure area
RewriteCond %{REQUEST_URI} !^/cart.*
RewriteCond %{REQUEST_URI} !^/customer.*
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [L,R]

#simulate the static pages
RewriteCond %{REQUEST_URI} ^/$
RewriteRule ^(.*)$ /public.php?controller=index&action=index [L]

#Main rewrite for application/controller/action decode logic

#RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !/scripts/
RewriteCond %{REQUEST_FILENAME} !/images/
RewriteCond %{REQUEST_FILENAME} !/css/
RewriteRule ^([a-z]+)\/([a-z]+)$ /public.php?controller=$1&action=$2 [QSA,L]
RewriteRule ^([a-z]+)\/$ /public.php?controller=$1 [QSA,L]
RewriteRule ^([a-z]+)\/([a-z]+)$ /$1/$2/ [QSA,L,R]
RewriteRule ^([a-z]+)$ /$1/ [QSA,L,R]

AddHandler php5-script .php

Maybe somebody can straighten me out on this.

TIA

A: 

I think your problem is that the RewriteCond rules group together like an 'AND' rather than an 'OR' so the path would have to match 'cart' and 'customer' for the rewriterule to be applied (which wouldn't make sense). Try this..

# redirect non-https requests for /cart or /customer to https
RewriteCond %{HTTPS} off
RewriteRule ^(cart|customer) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] 

# redirect all other https requests to http
RewriteCond %{HTTPS} on
RewriteCond $1 !^(cart|customer)
RewriteRule ^(.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
andrewmabbott  2010-02-18 17:07:55
A: 

You can have a look at this question for the similar issue http://stackoverflow.com/questions/1818869/htaccess-https-to-http

Even if you make it work, your page will be semi encrypted and browser will show a red mark at the status bar. You need to make use of http referrer in the conditions too.

shikhar  2010-02-19 10:15:21

related questions

Retrieving HTTP status code from loaded iframe with Javascript
How to specify an authenticated proxy for a python http connection?
Why does HttpCacheability.Private suppress ETags?
How to respond to an alternate URI in a RESTful web service
Is there a reason to use BufferedReader over InputStreamReader when reading all characters?
What would be a good, windows and iis (http) based distributed version control system
Database query representation impersonating file on Windows share?
How do I use NTLM authentication with Active Directory
Process raw HTTP request content
How would you implement FORM based authentication without a backing database?
Reading "chunked" response with HttpWebResponse
Best way to let users download a file from my website: http or ftp
How do I convert a date to a HTTP-formatted date in .Net / C#
What is the best way to upload a file via an HTTP POST with a web form?
How do I stop IIS7 dropping my cookies?
Checking FTP status codes with a PHP script.
HTTP Libraries for Emacs
Accessing post variables using Java Servlets
HTTP: Generating ETag Header
HTTP: How to know when to send a 304 Not Modified response
How do I best detect an ASP.NET expired session?
How can I make the browser see CSS and Javascript changes?
How to curl or wget a web page?
The Definitive Guide To Website Authentication
Implementation of "Remember me" in a Rails application.