Use HTTPS only for the login page, not for the whole site


I want to open the login page on my website only with https, not the website. After successful user authentication, the whole website starts up again on http.

Currently my main login page is test_index.php, where I included test_header.php.

My base code in test_header.php is:

    if ($_SERVER['SERVER_PORT'] != 443) {
        header("HTTP/1.1 301 Moved Permanently");
        header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
        exit();
    }

But it makes the complete website use https.
I also read here that this is possible with .htaccess, so I took the code snippet out of test_header.php and added the following lines to .htaccess:

    <IfModule mod_rewrite.c>
    RewriteEngine on
    # 301 redirect to domain to 'www.'
    RewriteCond %{HTTP_HOST} ^testweb.com$ [NC]
    RewriteRule ^(.*)$ http://www.testweb.com/$1 [R=301,L]
    </IfModule>

    <FilesMatch test_index.php>
    RewriteEngine on
    RewriteCond %{HTTPS} !=on
    RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
    </FilesMatch>

Note: testweb.com is just an imaginary name, not an actual website.

But the full site is still running on https. Please tell me where I am making a mistake.

Edit

@webbiedave, please check my updated code. Is this the right way?

    if ($_SERVER['REQUEST_URI'] == '/test_index.php') {
        // only check https on login
        if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
            header("HTTP/1.1 301 Moved Permanently");
            header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
            exit();
        } else {
            die("Sorry,Your website is not secure");
        }
    } elseif (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
        // header("HTTP/1.1 301 Moved Permanently");
        header("Location: http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
        exit();
    }

thanks

+4
1 answer

Do not check the port number to detect https, as it is not impossible, although unlikely, that a non-standard port is used for https. Rather, check the $_SERVER['HTTPS'] variable:

    if ($_SERVER['REQUEST_URI'] == '/login.php') {
        // only check https on login
        if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
            // do login stuff
        } else {
            // redirect to https or simply give an error
        }
    } elseif (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
        // redirect to http
    }
+4
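
The answer's skeleton filled in as a pure function, as an added example that is not part of the original question or answer: it matches the login page on the path only, returns null when the scheme is already correct (the edited code in the question redirects an HTTPS login request to itself), and builds the URL from a fixed host. `CANONICAL_HOST`, `LOGIN_PATH`, `is_https()` and `scheme_redirect_target()` are names assumed for the example.

```php
<?php
// Added example, not code from the question or the answer.
// Assumptions: CANONICAL_HOST and LOGIN_PATH reuse the placeholder names
// from the question; adjust both for a real site.
const CANONICAL_HOST = 'www.testweb.com';
const LOGIN_PATH     = '/test_index.php';

// True when the request arrived over TLS. Some servers (IIS) set
// $_SERVER['HTTPS'] to 'off' for plain HTTP, so isset() alone is not enough.
function is_https(array $server): bool
{
    return !empty($server['HTTPS']) && strtolower($server['HTTPS']) !== 'off';
}

// Returns the URL to redirect to, or null when the scheme is already right.
function scheme_redirect_target(array $server): ?string
{
    $uri = $server['REQUEST_URI'] ?? '/';
    // Compare the path only: REQUEST_URI also carries the query string, so
    // '/test_index.php?next=x' would not equal '/test_index.php'.
    $path    = parse_url($uri, PHP_URL_PATH);
    $isLogin = ($path === LOGIN_PATH);
    $secure  = is_https($server);

    if ($isLogin && !$secure) {
        $scheme = 'https';
    } elseif (!$isLogin && $secure) {
        $scheme = 'http';
    } else {
        return null; // already on the right scheme: no redirect, no loop
    }
    // Build the Location from a fixed host, not from the client-supplied
    // HTTP_HOST header.
    return $scheme . '://' . CANONICAL_HOST . $uri;
}

// In test_header.php, before any output is sent:
$target = scheme_redirect_target($_SERVER);
if ($target !== null) {
    // 302 rather than 301: browsers cache a 301, which would pin the scheme.
    header('Location: ' . $target, true, 302);
    exit();
}
```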

Source: https://habr.com/ru/post/1339138/

