brendan-amex
asked on
htaccess File on Weserver Problem
I'm trying to force users onto the secure portion of my site for only specific folders. I have 2 folders, one named "account" and the other "accounts" and whenever someone hits a webpage inside one of those folders I want to force them onto https. I can include it in all the links, but there is no guarantee that someone won’t remove the s from https and refresh the page.
I’ve read in numerous other places that say use a .htaccess file to do it. So that’s what I did but it’s not seeming to work. I created a file in each of the 2 folders on my web server called “.htaccess” with the following code inside of it:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} accounts RewriteRule ^(.*)$
https://www.mywebsite.com/accounts/$1 [R,L]
Will someone who knows much more about how htaccess files work help me please?! Thank you in advance.
I’ve read in numerous other places that say use a .htaccess file to do it. So that’s what I did but it’s not seeming to work. I created a file in each of the 2 folders on my web server called “.htaccess” with the following code inside of it:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} accounts RewriteRule ^(.*)$
https://www.mywebsite.com/accounts/$1 [R,L]
Will someone who knows much more about how htaccess files work help me please?! Thank you in advance.
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} accounts RewriteRule ^(.*)$
https://www.mywebsite.com/accounts/$1 [R,L]
Try:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} /accounts
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
ASKER
hey guys, thanks for the suggestions. I must be doing something wrong. Does the htaccess file have no name? right now it's just .htaccess with only the above 4 lines of code. Does this sound right?
ASKER
Does the Apache webserver need to be rebooted after dropping this .htaccess file onto it?
ASKER
Okay, well I wanted to use a .htaccess file but the below code seems to work:
if($_SERVER["HTTPS"] != "on")
{
header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
exit();
}
if($_SERVER["HTTPS"] != "on")
{
header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
exit();
}
No you do not have to restart the server. Also, the file must be named .htaccess
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
THanks for this site and info. I think that needs to be activated on my apache server, I'll look more into that. Thanks
Open in new window