StevenOliver Posted January 28, 2019 Share Posted January 28, 2019 My API page ("example.com/api.php") will be accessed by a 3rd party 1000+ times per second and I want it exempt from my .htaccess RewriteRule/RewriteCond's. Currently my RewriteRule forces "non-www to www" and "non-https to https" using this code: RewriteCond %{HTTPS} off [OR] RewriteCond %{HTTP_HOST} !^www\.example.com\.com$ RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301] For "speed" purposes (to avoid the compounded microtimes of rewriting 1000+ queries per second) would this be the correct, most efficient, and fastest code (the API page need not be HTTPS): RewriteCond %{REQUEST_URI} !^/api.php RewriteCond %{HTTPS} off [OR] RewriteCond %{HTTP_HOST} !^www\.example.com\.com$ RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301] Thank you!! Quote Link to comment https://forums.phpfreaks.com/topic/308234-http-to-https-except-for-one-page/ Share on other sites More sharing options...
requinix Posted January 28, 2019 Share Posted January 28, 2019 If you're concerned about speed then you shouldn't be using a .htaccess in the first place. Put your configuration in your virtualhost configuration. Try your solution. Compare it to various other approaches you can think of. Load test and see how they perform. 1 hour ago, StevenOliver said: the API page need not be HTTPS If anything an API needs to be HTTPS. Make everything secure. Nothing over regular HTTP. And don't give it another thought. Quote Link to comment https://forums.phpfreaks.com/topic/308234-http-to-https-except-for-one-page/#findComment-1563985 Share on other sites More sharing options...
StevenOliver Posted January 29, 2019 Author Share Posted January 29, 2019 Thank you kindly for your suggestions. My web host will only allow .htaccess directives; they will not do anything special on the config level :-) I do as much testing as I possibly can before posting here -- in this case ,over two weeks of daily tests, and I simply cannot find a way to make this code any better. If anyone can improve upon my code, I sure would appreciate it. Quote Link to comment https://forums.phpfreaks.com/topic/308234-http-to-https-except-for-one-page/#findComment-1564029 Share on other sites More sharing options...
StevenOliver Posted January 29, 2019 Author Share Posted January 29, 2019 I agree w/ Requinix's position that "If anything an API needs to be HTTPS." However, for academic purposes, I'd like to know if any improvements can be made on the .htaccess code. Thank you. Quote Link to comment https://forums.phpfreaks.com/topic/308234-http-to-https-except-for-one-page/#findComment-1564031 Share on other sites More sharing options...
gizmola Posted January 29, 2019 Share Posted January 29, 2019 Apache 2.4 allows for conditional blocks. My guess is that it would be far more efficient not to even turn on rewrites when you know you don't need them, not to mention cleaner than muddying up your existing rules with something that you might only need for a period of time. <If "%{REQUEST_URI} != /api.php"> RewriteEngine On RewriteCond %{HTTPS} off [OR] RewriteCond %{HTTP_HOST} !^www\.example.com\.com$ RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301] </If> Quote Link to comment https://forums.phpfreaks.com/topic/308234-http-to-https-except-for-one-page/#findComment-1564064 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.