views:

6750

answers:

4

How do you redirect HTTPS to HTTP?. That is, the opposite of what (seemingly) everyone teaches.

I have a server on HTTPS for which I paid an SSL certification for and a mirror for which I haven't and keep around for just for emergencies so it doesn't merit getting a certification for.

On my client's desktops I have SOME shortcuts which point to http://production_server and https://production_server (both work). However, I know that if my production server goes down, then DNS forwarding kicks in and those clients which have "https" on their shortcut will be staring at https://mirror_server (which doesn't work) and a big fat Internet Explorer 7 red screen of uneasyness for my company.

Unfortunately, I can't just switch this around at the client level. These users are very computer illiterate: and are very likely to freak out from seeing HTTPS "insecurity" errors (especially the way Firefox 3 and Internet Explorer 7 handle it nowadays: FULL STOP, kind of thankfully, but not helping me here LOL).

It's very easy to find Apache solutions for http->https redirection, but for the life of me I can't do the opposite.

Ideas?

+2  A: 

This has not been tested but I think this should work using mod_rewrite

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) <http://%&gt;{HTTP_HOST}%{REQUEST_URI}

Edit: markdown mangled the code but I think you get the idea.

ejunker
A: 

ejunker's got it right. For all the examples that have you redirect from port 80, substitute port 443 as the conditional.

Terry Lorber
+4  A: 

Keep in mind that the Rewrite engine only kicks in once the HTTP request has been received - which means you would still need a certificate, in order for the client to set up the connection to send the request over!

However if the backup machine will appear to have the same hostname (as far as the client is concerned), then there should be no reason you can't use the same certificate as the main production machine.

Kieron
A: 

I'm currently tring to direct http://server1 to http://server2. Because server1 is https it should be https://server1 to http://server2.

When I tried the code on my server,

RewriteCond %{HTTPS} on
RewriteRule (.*) <http://%&gt;{HTTP_HOST}%{REQUEST_URI}

my server is not redirecting it. In fact, there's no log in rewrite.log even though I've set it to level 9.

After some tests, it would seems that the rewriting doesn't work when it's https. There's no log at all. If I revert back to http://server1, then the log came out.

So is it when https is used, the redirecting doesn't work? That couldn't be the case seeing that other people manage to get it going. But then, how come there's no rewrite.log?

Update

After some more tests, I found that because the httpd.conf put the SSL code in another file (there's a line which says Include conf/extra/httpd-ssl.conf) I need to put the rewrite code inside the httpd-ssl.conf file instead. Now the rewrite log is showing.

long1000