Mod_rewrite redirect from HTTPS to HTTP
I have a site that is generally viewed under HTTP, but for a signup form I want it to be under HTTPS. I have the redirect from HTTP to HTTPS working fine, but I'm running into some issues redirecting back to HTTP when a relative link to another part of the site is clicked. My rewrite for the SSL Virtual Host looks like this:
RewriteEngine On
RewriteRule /order_now(.*) /order_now$1 [PT,L]
RewriteRule ^(.*)$ http://www.mydomain.com [R=301]
This is working as far as the redirect is concerned - links that are supposed to go back to HTTP do, and the site stays on HTTPS within the order_now section. The problem is the HTTPS pages arent loading any of the css or javascript that are loaded via relative links (<script type="text/javascript" src="../includes/js/jquery
Thanks,
Steve
RewriteEngine On
RewriteRule /order_now(.*) /order_now$1 [PT,L]
RewriteRule ^(.*)$ http://www.mydomain.com [R=301]
This is working as far as the redirect is concerned - links that are supposed to go back to HTTP do, and the site stays on HTTPS within the order_now section. The problem is the HTTPS pages arent loading any of the css or javascript that are loaded via relative links (<script type="text/javascript" src="../includes/js/jquery
Thanks,
Steve
HonorGod
What is to keep someone from "bookmarking" one of the http URLs that are returned after authentication? This would allow the unauthenticated URL to be shared with someone... not a very secure idea.
ASKER
There is no login or authentication, this is just a form where they enter their personal info that we want encrypted, after that they can view the non-HTTP part of the site as they did before. I just want to force the order_now section to be HTTPS, the rest of the site should be HTTP.
The problem with '../includes/js/jquery.js'
https://mysite.com/order_now../includes/js/jquery.js
there are two problems with such expansion:
1) this file (/order_now../includes/js/
2) even with correct '/' this URL also matches '/order_now(.*)' pattern and will not ne redirected to http.
So my suggestion is to include '/' in RewriteRule and to handle '../' separately, like:
RewriteRule /order_now/\.\./(.*) http://www.mydomain.com [R=301]
RewriteRule /order_now/(.*) /order_now/$1 [PT,L]
RewriteRule ^(.*)$ http://www.mydomain.com [R=301]
if you have more then 1 directory level below /order_now/ you should add more rules for that.
https://mysite.com/order_now../includes/js/jquery.js
there are two problems with such expansion:
1) this file (/order_now../includes/js/
2) even with correct '/' this URL also matches '/order_now(.*)' pattern and will not ne redirected to http.
So my suggestion is to include '/' in RewriteRule and to handle '../' separately, like:
RewriteRule /order_now/\.\./(.*) http://www.mydomain.com [R=301]
RewriteRule /order_now/(.*) /order_now/$1 [PT,L]
RewriteRule ^(.*)$ http://www.mydomain.com [R=301]
if you have more then 1 directory level below /order_now/ you should add more rules for that.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.