Mod_rewrite redirect from HTTPS to HTTP

I have a site that is generally viewed under HTTP, but for a signup form I want it to be under HTTPS. I have the redirect from HTTP to HTTPS working fine, but I'm running into some issues redirecting back to HTTP when a relative link to another part of the site is clicked. My rewrite for the SSL Virtual Host looks like this:

RewriteEngine On
RewriteRule /order_now(.*) /order_now$1 [PT,L]
RewriteRule ^(.*)$ [R=301]

This is working as far as the redirect is concerned - links that are supposed to go back to HTTP do, and the site stays on HTTPS within the order_now section. The problem is the HTTPS pages arent loading any of the css or javascript that are loaded via relative links (<script type="text/javascript" src="../includes/js/jquery.js"></script>, for example) - those files live in the HTTP portion of the site. The SSL is also showing up as only partially encrypted. Is there a way around this?

Who is Participating?
movefilesConnect With a Mentor Author Commented:
The solution that ended up working for me:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule order_now/(.*) https://%{HTTP_HOST}%{REQUEST_URI}

Open in new window

What is to keep someone from "bookmarking" one of the http URLs that are returned after authentication?  This would allow the unauthenticated URL to be shared with someone...  not a very secure idea.
movefilesAuthor Commented:
There is no login or authentication, this is just a form where they enter their personal info that we want encrypted, after that they can view the non-HTTP part of the site as they did before. I just want to force the order_now section to be HTTPS, the rest of the site should be HTTP.
The problem with '../includes/js/jquery.js' is that, when called say from  it expands to

there are two problems with such expansion:
1) this file (/order_now../includes/js/jquery.js) doesn't exist, because there is no trailing '/' in original request
2) even with correct '/' this URL also matches '/order_now(.*)' pattern and will not ne redirected to http.

So my suggestion is to include '/' in RewriteRule and to handle '../' separately, like:
RewriteRule /order_now/\.\./(.*) [R=301]
RewriteRule /order_now/(.*) /order_now/$1 [PT,L]
RewriteRule ^(.*)$ [R=301]

if you have more then 1 directory level below /order_now/ you should add more rules for that.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.