Solved

htacces https

Posted on 2011-02-25
8
315 Views
Last Modified: 2012-05-11
I have near to no experience with .htacces but i need to do the following

I have a ssl certificate for the whole website. But i only want to have a few pages secured the ssl.

example

http://www.vekto.nl/user_login.php
change to
https://www.vekto.nl/user_login.php

Now this is a easy redirect but i want a if statement implemented.

Because if the page is anything other than user_login.php i want to switch back to http
0
Comment
Question by:ScottNL1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 2

Expert Comment

by:leftcase
ID: 34978490
I'm presuming that you have already set up SSL on your server? If not, it looks like you're running Windows Server 2003 and IIS 6 so you will want to use this guide: http://support.microsoft.com/kb/299875

In terms of enabling https for the login page only via your .htaccess, I'm not entirely sure that's possible. If you're using cookies to pass sessions between pages, I don't believe you can pass them from https to http pages (or vice-versa). This post explains better than I can: http://www.codingforums.com/showthread.php?t=128416

Perhaps your solution will be a little more complicated?
0
 
LVL 2

Expert Comment

by:leftcase
ID: 34978493
Sorry, just re-read the categories you posted your question in and noticed 'Apache'. I guess Netcraft is misreporting your site: http://uptime.netcraft.com/up/graph?site=www.vekto.nl
0
 
LVL 1

Author Comment

by:ScottNL1
ID: 34978538
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . friendly_url.php [L]
RewriteCond %{HTTP_HOST} ^vekto\.nl [NC]
RewriteRule ^(.*)$ http://www.vekto.nl/$1 [L,R=301]

</IfModule>

This is what is have now and it works.

I would like to add this, but not for a folder just for a page

RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} payment
RewriteRule ^(.*)$ https://www.vekto.nl/payment/$1 [R,L]

If the user is not on one of the pages, i want to have a rule that it switches back to http.

Not fully understanding the 2 posts because i can redirect in my htacces. Just don't want to redirect a root folder, but a page

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 26

Expert Comment

by:arober11
ID: 34992435
Just alter the port and negate the URL match e.g.
RewriteCond %{SERVER_PORT} 443
RewriteCond %{REQUEST_URI} ! (payment|login|somethingElse)                           [NC]
RewriteRule .*                            http://www.vekto.nl/payment%{REQUEST_URI}  [R,L]

Open in new window

0
 
LVL 26

Expert Comment

by:arober11
ID: 34992437
Typo:
RewriteCond %{SERVER_PORT} 443
RewriteCond %{REQUEST_URI} ! (payment|login|somethingElse)                           [NC]
RewriteRule .*                            http://www.vekto.nl%{REQUEST_URI}  [R,L]

Open in new window

0
 
LVL 1

Author Comment

by:ScottNL1
ID: 34995013
Thanks arober11

I tried it but didn't work for me

RewriteCond %{SERVER_PORT} 443
RewriteCond %{REQUEST_URI} ! (user_login|user_home|user_profile|user_orders|order_info) [NC]
RewriteRule .* http://www.vekto.nl%{REQUEST_URI}  [R,L]

When i type

https://www.vekto.nl/user_login.php it redirects to http


0
 
LVL 1

Author Comment

by:ScottNL1
ID: 35007189
any body have any ideas?
0
 
LVL 26

Accepted Solution

by:
arober11 earned 500 total points
ID: 35071811
Hi, next step is to add a temporary log file to the config, restart apache, surf for a few min's, then have a look at the log e.g.

{code}
RewriteLog  /temp/tmp-rewritelog
RewriteLogLevel 9
RewriteCond %{SERVER_PORT} 443
RewriteCond %{REQUEST_URI} !(user_login|user_home|user_profile|user_orders|order_info) [NC]
RewriteRule .*                             http://www.vekto.nl%{REQUEST_URI}  [R=301,L]
{code}
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
vmware horizon certificate question 2 97
F5 SSL Sticky Load Balancing Question 3 80
SSL-VPN 1 91
DNS web servers so we don't get email blacklisted 10 9
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question