OJB Posted January 12, 2010 Posted January 12, 2010 Hey guys I am currently (at work) working on some rewrites. Basically I have a RewriteRule in my Virtualhost (:80 not :443) which checks if "purchase" is in the URL, and if it is it rewrites to our SSL HTTPS layer as so: > RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (/purchase) https://%{HTTP_HOST}%{REQUEST_URI} This seems to work nicely. So http://www.ourdomain.com/purchase gets rewritten to https://www.ourdomain.com/purchase as expected. The problem is I need another rule to go the other way. So if we are currently using https and we are accessing a page that isn't "purchase" I want to rewrite back to http. So in my Virtualhost (this time :443) I do the following: > RewriteEngine On RewriteCond %{HTTPS} on RewriteRule !(/purchase) http://%{HTTP_HOST}%{REQUEST_URI} This doesn't work. I get an infinite redirect loop. I also tried this: > RewriteEngine On RewriteCond %{HTTPS} on RewriteCond %{REQUEST_URI} !purchase RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} Again it doesn't seem to work. Can anyone help me with the rewrite back to http from https as http -> https seems to be working nicely. Quote
OJB Posted January 12, 2010 Author Posted January 12, 2010 > RewriteEngine On RewriteCond %{HTTPS} on RewriteCond %{REQUEST_URI} !purchase RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} Sorry that last line should read RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} Quote
TCH-Bruce Posted January 12, 2010 Posted January 12, 2010 I googled and found this which may help. Basically add a /purchase section to your .htaccess file and a / section. # /purchase/.htaccessRewriteEngine On RewriteCond %{SERVER_PORT}!443 RewriteRule ^(.*)$ https://www.x.com/purchase/$1 [R,L] And because https is slower than http, take the users out of https mode when they leave the /purchase/ directory by: # /.htaccess RewriteEngine On RewriteCond %{SERVER_PORT} 443 RewriteRule ^(.*)$ https://www.x.com/$1 [R,L] Quote
OJB Posted January 12, 2010 Author Posted January 12, 2010 Thanks for that, Bruce. Although there is no actual "purchase" directory, unfortunately. The site is built with a custom MVC pattern PHP framework which rewrites urls so "/purchase" actually corresponds to something along the lines of: index.php?controller=purchase&action=buy Not exactly what it is but gives a decent representation of how it is working behind the scenes. I tried initially doing it all in the root .htaccess file, but for some reason HTTPS requests were ignoring my rewrites. So I decided to move them into our Virtualhosts in our httpd.conf file (this should be faster and more secure any way - I think?) and put them in the :80 and :443 vhost definitions themselves. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.