Redirect http to https for certain pages on website?

Hi,
if I have a shopping cart website with an SSL cert installed and only want to secure specifc pages, can this be done with php or a .htaccess file?

How can I redirect from http to https for the pages I want to secure?

Thanks in advance for your feedback.
sabecsAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Ray PaseurConnect With a Mentor Commented:
You can also redirect in the PHP script.

<?php // RAY_https_only.php
error_reporting(E_ALL);


// DEMONSTRATE HOW TO RESTRICT A SCRIPT SO THAT IT ONLY RUNS BEHIND HTTPS


// IF NOT HTTPS
if (empty($_SERVER["HTTPS"]))
{
    // CONSTRUCT THE HTTPS URL WE WANT, PRESERVING GET VARS
    $my_uri
    = 'https://'
    . $_SERVER["HTTP_HOST"]
    . $_SERVER["REQUEST_URI"]
    ;

    // BAIL OUT WITH 301 AND LOCATION
    header("HTTP/1.1 301 Moved Permanently");
    header("Location: $my_uri");
    exit;
}

// ELSE WE ARE ALREADY IN HTTPS - START SESSION FOR HTTPS ONLY IN ALL SUBDIRECTORIES AND ALL SUBDOMAINS
$x = explode('.', strtolower($_SERVER["HTTP_HOST"]));
$y = count($x);
if ($y == 1) // MAYBE 'localhost'?
{
    $cookie_domain = $x[0];
}
else // SOMETHING LIKE 'www2.atf70.whitehouse.gov'?
{
    // USE THE LAST TWO POSITIONS TO MAKE THE HOST DOMAIN
    $cookie_domain = '.' . $x[$y-2] . '.' . $x[$y-1];
}

$sess_name = session_name();
if (session_start())
{
    // MAN PAGE: http://php.net/manual/en/function.setcookie.php
    setcookie($sess_name, session_id(), NULL, '/', $cookie_domain, TRUE, TRUE);
}

Open in new window

HTH, ~Ray
0
 
Scott MadeiraCommented:
you would want to use mod_rewrite and set up the rules in your .htaccess file.  Here is a link to an example that may be helpful.

http://stackoverflow.com/questions/1213404/using-htaccess-to-control-https-on-certain-pages
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
sabecsAuthor Commented:
Thanks for your help,
I think the easiest option may be via .htaccess file as in the links below

http://stackoverflow.com/questions/9633882/htaccess-redirect-4-specific-pages-to-https
http://stackoverflow.com/questions/1213404/using-htaccess-to-control-https-on-certain-pages 

but is it possible to change the lines below in .htaccess file to redirect say my 6 pages below to https

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} /shopping_cart
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]



http://www.mywebsite.com/index.php?page=shopping_cart
http://www.mywebsite.com/index.php?page=order_form
http://www.mywebsite.com/index.php?page=login_form
http://www.mywebsite.com/index.php?page=user_orders
http://www.mywebsite.com/index.php?page_id=245
http://www.mywebsite.com/index.php?page_id=275
0
 
Ray PaseurCommented:
Just to be clear, your application requirement is to redirect index.php to a secure connection sometimes, depending on the GET request arguments?
0
 
sabecsAuthor Commented:
Yes Ray, that is correct.
I have php scripts that are included on the page depending on GET request arguments.

Thanks

Andrew
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.