REWRITE RULE - Forcing https to http for Non-SSL site using HTACCESS

Hi all -
I have sites where I force HTTP -> HTTPS using this code in HTACCESS:
   RewriteEngine On
   RewriteCond %{SERVER_PORT} 80
   RewriteRule ^(.*)$$1 [R,L]      
NOW I have a site that used to use an SSL Certif, and no longer needs one, and my users often access the site still using httpS://
Is there a change to the above 3 lines to force HTTPS -> HTTP instead of HTTPS -> HTTPS ?    
(Or a better way to force HTTPS to HTTP?)  The users still entering https in a browser are receiving that "Invalid Certificate - Run!" error.
Who is Participating?
Dave BaldwinConnect With a Mentor Fixer of ProblemsCommented:
No, unfortunately you can't do it the other way around when there isn't a certificate.  The HTTPS connection is made or attempted before anything else happens.  The "Invalid Certificate - Run!" error comes from the browser, not the server.

The only way to eliminate that error message is to get the certificate again.
arnoldConnect With a Mentor Commented:
The point Dave makes is that a valid certificate must exists or the user will get an allert warning about the expired certificate before the refirect can be processed.

The functionality is such that credential exchange has to be completed before the client can Make a request and the server respond.

Renewing the certificate, and using a refirect mechanism that includes a delay long enough to display a page stating https access is going away.

Though your move is counter to the current trend where most sites are going towards encrypted sites.

If you are determined, either leave the expired cert which will alert each user attempting secure access. This is a more reliable notifier where the client will have to add an exception before they could continue on.
Using redirect test on whether the connection is secure, before sending it back to an unsecure URL.
Testing for port 443 or reversing your rewrite....
RobOwner (Aidellio)Commented:
My first thought is to use to get a certificate if cost is an issue?

That said, where have you placed your .htaccess redirecting to https?  Depending on the level you put it will determine how much flexibility you have with redirection.  Also is dependant on your config of apache e.g.  for your "default document root".


/var/www - nothing gets past this
/var/www/html - the subfolders .htaccess have some flexibility
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

bleggeeAuthor Commented:
Good point Rob - I have used for certificates, thought the last I knew, they had to be renewed every 3 months. I heard there may be a better solution now from LetsEncrypt (1 year renewal or automated renewals), do you know anything about that?
RobConnect With a Mentor Owner (Aidellio)Commented: is the scripting should your server environment be suited.
e.g.for apache on ubuntu, you can see it can be automated (and I do it for one of my local servers):
RobOwner (Aidellio)Commented:
hasn't heard about the one year renewals yet though
If you are event remotely inclined, to entertain extending an SSL certificate remaining on the site might as well consider whether transitioning to the unencrypted (http) is the way to go given your contention that many of the established users/visitors to your site have links/shortcuts to the secure site.

Like the band-Aid, the longer you contemplate on the transition, the longer you will remain in this ambiguous circumstance.

if your site is dynamic, php, etc. your pages could incorporate a check on whether the access is secure, and in those cases, display a banner, to indicate that secure accesses us going away by date certain..........
Dave BaldwinFixer of ProblemsCommented: has free certificates.  I use them for my own site.
bleggeeAuthor Commented:
Great Info ! Thank you all.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.