using htaccess to fake https
Hello,
i am trying to test a website on my server, I do not have an SSL certificate. If the test is successful it will move to a different server, so no need to buy SSL for me. I need to do a 30 minute test.
Some pages on this website are looking for https and I am getting 404 errors and others are looking for http, what I was hoping to do with the htaccess file was that if https is requested, then rewrite and deliver, if http is requested, then deliver that instead,
what i came up with so far is (it doesn't work)...
i am trying to test a website on my server, I do not have an SSL certificate. If the test is successful it will move to a different server, so no need to buy SSL for me. I need to do a 30 minute test.
Some pages on this website are looking for https and I am getting 404 errors and others are looking for http, what I was hoping to do with the htaccess file was that if https is requested, then rewrite and deliver, if http is requested, then deliver that instead,
what i came up with so far is (it doesn't work)...
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteRule ^/(.*):SSL$ https://%{SERVER_NAME}/$1 [R,L]
RewriteRule ^/(.*):NOSSL$ http://%{SERVER_NAME}/$1 [R,L]
ASKER
Hello laneduncan,
thanks for the info, i read through the link you sent and it looks like it requires me to be a server administrator, which I am not. I am a web developer and don't have that kind of access to the server.
thanks for the info, i read through the link you sent and it looks like it requires me to be a server administrator, which I am not. I am a web developer and don't have that kind of access to the server.
Aha. That makes more sense. Still, a web server does have a default (self-signed) certificate.
But there are a lot of setups where that wouldn't be configured correctly. You being able to do this will depend on some settings on the server side (in the httpd.conf file; specifically, the "allowOverride" setting); if that's enabled, something like this ought to do it:
Options +FollowSymlinks
RewriteEngine on
RewriteCond %{HTTPS} =on
RewriteRule .* http://%{SERVER_NAME}%{REQUEST_URI
But there are a lot of setups where that wouldn't be configured correctly. You being able to do this will depend on some settings on the server side (in the httpd.conf file; specifically, the "allowOverride" setting); if that's enabled, something like this ought to do it:
Options +FollowSymlinks
RewriteEngine on
RewriteCond %{HTTPS} =on
RewriteRule .* http://%{SERVER_NAME}%{REQUEST_URI
ASKER
Hello again,
i do not have access to the httpd.conf file, I can do URl rewriting with the htaccess file though, so i am assuming it is set properly (correct me if I am wrong on that)
that being said, the code is not solving my problem. I am still getting 404 errors when I try certain pages which i can see are being redirected to https
i do not have access to the httpd.conf file, I can do URl rewriting with the htaccess file though, so i am assuming it is set properly (correct me if I am wrong on that)
that being said, the code is not solving my problem. I am still getting 404 errors when I try certain pages which i can see are being redirected to https
That's good (that you can override; not that it's not working!).
What, exactly, are you seeing? Are the URLs getting redirected correctly, but the server isn't able to find that file? That is: what's the address and protocol in the address line on the browser when you get the 404 error?
What, exactly, are you seeing? Are the URLs getting redirected correctly, but the server isn't able to find that file? That is: what's the address and protocol in the address line on the browser when you get the 404 error?
The reason you can't do what you want is that SSL/https negotiation is done Before any files are served. Which means before the '.htaccess' file is read and processed.
True, But you wouldn't be getting a 404 error if SSL isn't configured correctly. That's the puzzle to me.
ASKER
the error i get is
Not Found
The requested URL /earth-line/posecom/login.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
I also added with no luck...
RewriteBase /earth-line/posecom/
Not Found
The requested URL /earth-line/posecom/login.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
I also added with no luck...
RewriteBase /earth-line/posecom/
What's the actual address (including the protocol http/s) on the address line in the browser?
ASKER
http://www.darkstarmedia.net/earth-line/posecom/
this is my testing server, the links that mess up are sign in or create an account, i don't really like posting my server online though, will i be able to delete this after?
this is my testing server, the links that mess up are sign in or create an account, i don't really like posting my server online though, will i be able to delete this after?
There is a certificate for *.korax.net which is probably the hosting provider's server.
ASKER
Hello Dave,
I called the web host and inquired, I do not have access to that.
I called the web host and inquired, I do not have access to that.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
When I have needed to test pages that use "https" on the live servers, I put a line in the php that selects 'http' if it's on my local servers or 'https' otherwise.
Here's a run-through on creating a wildcard certificate:
http://lanestechblog.blogspot.com/2008/03/creating-self-signed-wildcard-ssl_13.html