21281 Posts in 5729 Topics by 2600 members
|
Page:
1
|
Go to End | |
| Author | Topic: | 2040 Views |
-
.htaccess file and SSL redirect help
8 July 2010 at 1:28am
HI Guys:
I have been slowly getting my site to work with the company provided ssl certificate. Their process involves me using a redirect in .htaccess so that if someone goes to a form or the admin pages it encrypts the info behind their ssl cert.
This part I got to work, but now my issue is that when i navigate back to to a page that is not normally ssl protected the url still shows https.
Is there something I need to add to the .htaccess file to make it revert back to non ssl? Below is my .htaccess code. There is both a .htaccess-ssl and .htaccess page.
.htacess-ssl
### SILVERSTRIPE START ###
<Files *.ss>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Files><Files web.config>
Order deny,allow
Deny from all
</Files><IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /XXXXXXXXRewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
</IfModule>### SILVERSTRIPE END ###
.htaccess file
### SILVERSTRIPE START ###
<Files *.ss>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Files><Files web.config>
Order deny,allow
Deny from all
</Files><IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /RewriteCond %{SERVER_PORT} 80
# Force SSL redirect for certain pages.
RewriteCond %{REQUEST_URI} ^/(admin|contact|secure)
RewriteRule (.*) https://mysite.com/$1 [R,L]
# Use this for production deployment on origin
#RewriteRule (.*) https://mysite.com/$1 [R,L]# All other requests pass through to this server.
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
</IfModule>### SILVERSTRIPE END ###
-
Re: .htaccess file and SSL redirect help
20 July 2011 at 10:22am
I know this is a while ago but any chance you ever get this figured out? I found if(Director::isLive()) Director::forceSSL(array('/^admin/', '/^Security/')); in Director.php but this seems to do the same thing, it will take you to https but not send you back to http which can often be important when the site has for example images taken from elsewhere like a facebook link with facebook hosted image as an example
cheers
Will
-
Re: .htaccess file and SSL redirect help
21 July 2011 at 6:22am Last edited: 21 July 2011 6:23am
Realistically it shouldn't matter if you're using a secure connection for non-secure pages just make sure you're setting the canonical meta tag in your header for SEO
-
Re: .htaccess file and SSL redirect help
5 August 2011 at 8:13am
Hi,
If I have read the first post correctly I managed to implement this functionality on a non silverstripe site I was working on by adding the following in the .htaccess.
#This checks to see if browser connection is via https, then checks to see if the browser is not connecting to portal/ or administrator/ urls before re-writting the url and connecting via a http connection.
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !(portal|administrator)/
RewriteRule (.*) http://www.yourdomain.co.uk/$1 [R=301,L]#This checks to see if browser connection is via http, then checks to see if browser is connecting to portal/ or administrator/ urls before re-writting the url and connecting via a https connection.
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} (portal|administrator)/
RewriteRule (.*) https://www.yourdomain.co.uk/$1 [R=301,L]It should work here and I hope that this helps someone.
Alternatively instead of adding this to the .htaccess you could code this into your page controller, I found some code on this forum somewhere that worked for me. I can dig it out if anyone is interested.
Cheers,
Jim
| 2040 Views | ||
|
Page:
1
|
Go to Top |
