Force http for just one page on wordpress https site

Dzynit
Dzynit used Ask the Experts™
on
I have this in the htaccess for a site:
<IfModule mod_rewrite.c>
RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.searchcommander.com/$1 [R=301,L]
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

Open in new window


But I need just this one page: https://www.searchcommander.com/video-production/ to stay only http
What's the correct way to do that in the htaccess?
Thanks for any help.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
btanExec Consultant
Distinguished Expert 2018

Commented:
I am thinking of the below template
- First rule-set redirect all pages not accessed via HTTPS, and is not /page1/ or /page2/ to the same URL but https://.
-  Second rule-set ensure /page1/ and /page2/ are redirected back to http:// if they are accessed via https://.

RewriteEngine On

RewriteCond %{HTTPS} =off
RewriteCond %{REQUEST_URI} !^\/page1\/
RewriteCond %{REQUEST_URI} !^\/page2\/
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L,R=301]    

RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} \/page1\/ [OR]
RewriteCond %{REQUEST_URI} \/page2\/
RewriteRule (.*) http://%{HTTP_HOST}/$1 [L,R=301]
nociSoftware Engineer
Distinguished Expert 2018

Commented:
Why would you want that?  In the current internet ALL connections *SHOULD* be encrypted, not just against eavesdropping but also to prevent injections of HTML / advertisement / etc. etc.  (e.g. add/modify content in a stream you send out to your clients...)

So going HTTPS only should be the goal.

Author

Commented:
When I tried those, it redirected back to the home page.
Introduction to Web Design

Develop a strong foundation and understanding of web design by learning HTML, CSS, and additional tools to help you develop your own website.

Author

Commented:
noci
The iframe in that one page can't be added using https, so it's not showing up on the page. If you add it using https in the url, it shows the unsecure connection message in the iframe and we don't want the visitors to have to click the button to view it. First time we've run across that, so just trying to figure out how to make only the one page regular http.
nociSoftware Engineer
Distinguished Expert 2018

Commented:
Here is an article that explains it better: http://www.tinywebgallery.com/blog/iframe-do-not-mix-http-and-https
The question is WHY you get the error message. Is it possible the Certificate of the embedded page is invalid?
And why can't it be https? maybe it's better to solve that problem then try to be smarter then the various browser handling of such cases.

Author

Commented:
The site being shown in the iframe doesn't have ssl. We don't have control over their site to make changes to it. I know it's better to keep the entire site https, but a single page showing just an external image gallery in an iframe is not harmful to anyone visiting that page.
nociSoftware Engineer
Distinguished Expert 2018

Commented:
A better option then might be to fetch the result of the other site with a script using curl (https://curl.haxx.se) or scrape it using a local
PHP script (also using callable curl)  and present as it it came from your own site...

The way it works now violates the same source principle. (if you value that).
btanExec Consultant
Distinguished Expert 2018

Commented:
If the redirect is http and even if you make it htrps and that website does not support https. It will still be http. It is as if to say enforce HTTP Strict Transport Security (HSTS) at web server which you have no control over. Browser may enforce HSTS.

Author

Commented:
btan, the site is fully https, I have the redirect in the htaccess to force all pages to https. What I want is to allow just one page to be http.
Exec Consultant
Distinguished Expert 2018
Commented:
Supposedly to be straightforward with below

RewriteEngine On
# Go to https if not on <MY-PAGENAME-with-EXT>. Replace those "<>" accordingly
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/<MY-PAGENAME-with-EXT>$ [NC]
RewriteRule ^(.*)$ https://<MY-WWW-DOMAIN>/$1 [R,L]

This below is more to say make sure http is done if it lands on https request for that page

RewriteCond %{SERVER_PORT} !80
RewriteCond %{REQUEST_URI} ^/<MY-PAGENAME-with-EXT>$ [NC]
RewriteRule ^(.*)$ http://<MY-WWW-DOMAIN>/$1 [R,L]

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial