Using 'mod_rewrite', how to force HTTPS for specific paths and HTTP for everyone else?

Question

Using 'mod_rewrite', how to force HTTPS for specific paths and HTTP for everyone else?

I have a php apache application using mod_rewritefor pure urls. I have a lot of problems getting certain pages and paths forced by HTTPS, as well as ensuring that everyone else remains as HTTP.

Here is an example of what I mean:

// http://www.example.com/panel/ -> Should always redirect to HTTPS
// http://www.example.com/store/ -> Should always redirect to HTTPS

// Anything not in the above should always be HTTP
// so...
// https://www.example.com/not-in-above-rules -> Should always redirect to HTTP

Any ideas?

+3

apache mod-rewrite

Ryall Nov 29 '09 at 17:28

source share

4 answers

: HTTPS, HTTPS. HTTPS , HTTPS.

+2

yfeldblum 29 . '09 18:25

:

RewriteCond %{HTTP_HOST}         ^www.example.com(:80)?$

RewriteRule ^/panel/(.*) https://www.example.com/panel/$1 [R=301,L]

,

0

Ass3mbler 29 . '09 17:33

URL-. : , http_host . , Thawte "www" . , "www":

RewriteCond %{HTTP_HOST} ^www\.mysite\.com [NC]
RewriteRule ^(login\.php|members\.php)$ https://%{HTTP_HOST}%{REQUEST_URI}
RewriteCond %{HTTP_HOST} ^mysite\.com [NC]
RewriteRule ^(login\.php|members\.php)$ https://www.${HTTP_HOST}%{REQUEST_URI}

Or, to do this in a slightly smaller space, you can discard the second line and hard-code the domain in 4th. I am sure there is a more elegant way to do this, but htaccess is disappointing and it works.

0

toastyghost Jun 17 '10 at 17:07

source share

tersmitten · Accepted Answer · 2009-11-29T18:26:41+0000

You can put something like this in your: 80 vhost:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(panel/|store/payment) https://%{HTTP_HOST}%{REQUEST_URI}

And this is in yours: 443 vhost:

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule !^(panel/|store/payment) http://%{HTTP_HOST}%{REQUEST_URI}

Using 'mod_rewrite', how to force HTTPS for specific paths and HTTP for everyone else?

More articles: