deansatch Posted March 1, 2010 Share Posted March 1, 2010 I am trying to force shared SSL on a specific page using htaccess but no matter what I try I keep getting a redirect loop I want visitors to: http://user.mydomain.com/securepage.php to be forced to: https://sharedssl.com/mydomain.com/user/securepage.php Does anyone know a good way to do this? I will have a couple more pages that need to follow this rule as well i.e. securepage2.php and securepage3.php EDIT: I don't want to have to specify the subdomain in my rewrite as this will probably be gone on the final site and I want it to work with or without www. e.g. I would prefer something like: ^securepage.php etc.... Quote Link to comment Share on other sites More sharing options...
roopurt18 Posted March 1, 2010 Share Posted March 1, 2010 RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} securepage\.php RewriteRule .* https://sharedssl.com/mydomain.com/user/securepage.php Quote Link to comment Share on other sites More sharing options...
deansatch Posted March 1, 2010 Author Share Posted March 1, 2010 That's spot on, thanks! If I were to add a few more files, is there a cleaner way than writing that for each one? i.e. RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} securepage\.php RewriteRule .* https://sharedssl.com/mydomain.com/user/securepage.php RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} securepage2\.php RewriteRule .* https://sharedssl.com/mydomain.com/user/securepage2.php RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} securepage3\.php RewriteRule .* https://sharedssl.com/mydomain.com/user/securepage3.php Quote Link to comment Share on other sites More sharing options...
roopurt18 Posted March 1, 2010 Share Posted March 1, 2010 You can try using an optional character class: RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} securepage[23]?\.php RewriteRule securepage([23]?)\.php https://sharedssl.com/mydomain.com/user/securepage$1.php That should mean "securepage; followed by an optional 2 or 3; followed by .php" Quote Link to comment Share on other sites More sharing options...
deansatch Posted March 9, 2010 Author Share Posted March 9, 2010 Thanks for that - works great! A new problem now though. My ssl certificate doesn't show up if I arrive at the page from one page but it does from another. e.g. if I am at http://site.com/page/home with the link "/securepage.php" it takes me there and changes to https://etc... but no certificate is shown and clicking on the padlock tells me that some items are not secure. if I am at http://site.com/index.php with the same link "/securepage.php" it takes me there and changes to https:// etc... and the padlock is fine, the certificate shows in the address bar etc.. all perfect. Any ideas what is going on? Quote Link to comment Share on other sites More sharing options...
roopurt18 Posted March 10, 2010 Share Posted March 10, 2010 When it says some items are not secure, that usually occurs because the page itself is delivered over https but some of the images, javascript, css, or other files are still delivered over http. You can use FireBug in FireFox to figure out which resources are being delivered via HTTP on the HTTPS page. Chances are you have absolute links or references in your pages that begin with http:// Quote Link to comment Share on other sites More sharing options...
deansatch Posted March 10, 2010 Author Share Posted March 10, 2010 The file paths are all fine - most of which are relative. I forgot to mention that in the first example, when it says some items aren't secure, if I click refresh, it is fine. It only does this when landing on the page from that referring page, but if I come from the other referring page it is 100% securely loaded. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.