Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1185
  • Last Modified:

Forcing ssl and non-ssl with mod_rewrite

I'm trying to force all urls to be non-ssl except for:

www.xyz.com/cart

here is what I have in .htaccess

RewriteEngine on
RewriteCond  %{REQUEST_URI} (cart)
RewriteRule ^(.*)$ https://%{SERVER_NAME}/$1 [L,R]
RewriteCond  %{REQUEST_URI} !(cart)
RewriteRule ^(.*)$ http://%{SERVER_NAME}/$1 [L,R]

http://www.xyz.com/cart/ will redirect to https://www.xyz.com/cart/

However, https://www.xyz.com does not redirect to http://www.xyz.com

Any ideas why the first rule works but the second rule does not?
0
ibcdan
Asked:
ibcdan
  • 4
  • 2
1 Solution
 
ravenplCommented:
Options +FollowSymLinks
RewriteEngine on

RewriteCond  %{REQUEST_URI} ^/cart
RewriteCond %{HTTPS} !=on
RewriteRule .*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

RewriteCond  %{REQUEST_URI} !^/cart
RewriteCond %{HTTPS} =on
RewriteRule .*$ http://%{SERVER_NAME}%{REQUEST_URI} [L,R]
0
 
ibcdanAuthor Commented:
Hmm, same result:

http://www.xyz.com/cart/ will redirect to https://www.xyz.com/cart/

However, https://www.xyz.com does not redirect to http://www.xyz.com

Any other ideas?
0
 
ravenplCommented:
Do both virtualServers http and https reside in same directory (DocumentRoot)
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
ibcdanAuthor Commented:
Yes.  Here is the httpd.conf:

<VirtualHost xxx.xxx.xxx.xxx:80>
    ServerName xyz.com
    ServerAlias www.xyz.com
    DocumentRoot /home/xyz/public_html
    ServerAdmin webmaster@xyz.com
    UseCanonicalName Off
    CustomLog /usr/local/apache/domlogs/xyz.com combined
    CustomLog /usr/local/apache/domlogs/xyz.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
    ## User xyz # Needed for Cpanel::ApacheConf
    <IfModule !mod_disable_suexec.c>
        SuexecUserGroup xyz xyz
    </IfModule>
    ScriptAlias /cgi-bin/ /home/xyz/public_html/cgi-bin/


    # To customize this VirtualHost use an include file at the following location
    # Include "/usr/local/apache/conf/userdata/std/2/xyz/xyz.com/*.conf"

</VirtualHost>
<VirtualHost xxx.xxx.xxx.xxx:443>
    ServerName xyz.com
    ServerAlias www.xyz.com
    DocumentRoot /home/xyz/public_html
    ServerAdmin webmaster@xyz.com
    UseCanonicalName Off
    CustomLog /usr/local/apache/domlogs/xyz.com combined
    CustomLog /usr/local/apache/domlogs/xyz.com-bytes_log "%{%s                                                                         }t %I .\n%{%s}t %O ."
    ## User xyz # Needed for Cpanel::ApacheConf
    <IfModule !mod_disable_suexec.c>
        SuexecUserGroup xyz xyz
    </IfModule>
    ScriptAlias /cgi-bin/ /home/xyz/public_html/cgi-bin/
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eN                                                                         ULL
    SSLCertificateFile /usr/share/ssl/certs/www.xyz.com.crt
    SSLCertificateKeyFile /usr/share/ssl/private/www.xyz.com.ke                                                                         y
        SSLCACertificateFile /usr/share/ssl/certs/www.xyz.com.c                                                                         abundle
    ErrorLog /usr/local/apache/domlogs/xyz.com-ssl_data_log
    CustomLog /usr/local/apache/domlogs/xyz.com-ssl_log combine                                                                         d
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    <Directory "/home/xyz/public_html/cgi-bin">
        SSLOptions +StdEnvVars
    </Directory>

    # To customize this VirtualHost use an include file at the following locatio                                                                         n
    # Include "/usr/local/apache/conf/userdata/ssl/2/xyz/xyz                                                                        ks.com/*.conf"

</VirtualHost>
0
 
ibcdanAuthor Commented:
Oops, typo on my part!  This did the trick.  Thanks ravenpl!
0
 
ibcdanAuthor Commented:
Worked Perfectly!
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now