[FX.php List] [OFF] Rewrite for forcing http to https possible?

Dale Bengston dbengston at tds.net
Thu Sep 11 15:42:08 MDT 2008


Troy,

This is how I've done it as well.

Dale

On Sep 11, 2008, at 3:47 PM, Bob Patin wrote:

> Troy,
>
> I'm sure you already know that you can toggle SSL by simply changing  
> the URL and it'll take them in and out of SSL-land...
>
> You can use these two side-by-side:
>
> http://www.site.com
> https://www.site.com
>
> I'm not sure why you're thinking you'll need to use an htaccess  
> file, although perhaps I'm missing something here.
>
> If you want to force visitors into SSL-land, you can easily put up  
> redirect pages, with this as the whole content of the page:
>
> When they hit
>
> http://www.site.com/page.htm
>
> your page would contain this:
>
> <HTML>
> <HEAD>
> <META HTTP-EQUIV="Refresh" CONTENT="0;url=https://www.site.com/page.htm 
> ">
> </HEAD>
> <BODY BGCOLOR="#FFFFFF">
> </BODY>
> </HTML>
>
> At least, that's how I would do it... :)
>
> Very easy to do, and you can use a redirect like that for any page  
> that you want to ensure that your visitors view while under the SSL  
> cert.
>
> Best,
>
> Bob Patin
> Longterm Solutions
> bob at longtermsolutions.com
> 615-333-6858
> http://www.longtermsolutions.com
> iChat: bobpatin
> AIM: longterm1954
> FileMaker 9 Certified Developer
> Member of FileMaker Business Alliance and FileMaker TechNet
> --------------------------
> FileMaker hosting and consulting for all versions of FileMaker
> PHP • Full email services • Free DNS hosting • Colocation • Consulting
>
> On Sep 11, 2008, at 3:33 PM, Troy Meyers wrote:
>
>> I'm still plugging away at getting the new Mini to be our secure  
>> server (https), with the ability to do http too.
>>
>> Actually it does both now, but because nearly every one of our  
>> pages has a little login box, it seems appropriate for all pages to  
>> be https - if not for anything else but the reassurance of our  
>> paranoid customers.
>>
>> I do want people to be able to access it using http, but have those  
>> redirected to the very same URL, but as https instead.
>>
>> I had thought that I could do this with a RewriteRule in  
>> the .htaccess file at the root level of the web docs, but what I've  
>> written isn't working. I've tried a few variations, but none have  
>> worked. This is what I've got right now, still not working:
>>
>> #  this file is  /.htaccess at the root level of web server docs
>> RewriteEngine On
>> RewriteBase /
>> RewriteCond %{SERVER_PORT} 80
>> RewriteRule ^(.*) https://lab.troymeyers.com/$1 [R,L]
>>
>> (by the way, this test machine is not accessible from the outside  
>> right now, so it won't work to try)
>>
>> For example, if I put:
>>
>> http://lab.troymeyers.com/index.html
>> or
>> http://lab.troymeyers.com/phpinfo.php
>>
>> into my web browser, I'm expecting it to change the browser's  
>> displayed location to:
>>
>> https://lab.troymeyers.com/index.html
>> or
>> https://lab.troymeyers.com/phpinfo.php
>>
>> ...and load the secured version of the page.
>>
>>
>> Is this actually something I can do with a RewriteRule? If so, what  
>> am I doing wrong?
>>
>>
>> Once I get this ironed out, I'll need to combine that with  
>> the .htaccess requirements that I'm currently using on the old (non- 
>> SSL) machine, which is a fairly complex mess that deals the fact we  
>> still have CMDL pages emulated with BlackBelt. I'll paste it below  
>> my signature... but I'm showing it because I want to combine the  
>> https redirect with all of it as well, and perhaps what it does  
>> might complicate the https issue.
>>
>> Thanks for any help.
>>
>> -Troy
>>
>>
>> RewriteEngine On
>> RewriteBase /
>>
>> # bbt is the name of the directory (just below root) that the  
>> Blackbelt files are kept
>>
>> # Prevent certain directories from being redirected
>>
>> RewriteRule ^bbt/.*$ - [L]    # Make sure /bbt/ isn't redirected  
>> (to itself, a nasty loop)
>>
>> RewriteRule ^fmi/.*$ - [L]    # Make sure /fmi/ isn't redirected,  
>> or Blackbelt won't work
>>
>> # Add any other lines like the one below with folder names that you
>> # want to exclude from being redirected into Blackbelt
>>
>> RewriteRule ^php8/.*$ - [L]    # Make sure /php8/ isn't redirected  
>> because it doesn't need Blackbelt
>>
>> RewriteRule ^[^.]+\.php.*$ - [L]    # Added to allow normal .php  
>> files to work
>>
>> # Finally, redirect anything other than the above to /bbt/  - - - 
>> this step should be last
>> RewriteRule ^(.*)$ bbt/$1 [L]
>>
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list



More information about the FX.php_List mailing list