开发者

Using Apache Rewrite to go from HTTP to HTTPS and vice-versa, but I get a 302 response and my app errors out

开发者 https://www.devze.com 2022-12-20 18:07 出处:网络
I really hope someone knows what I\'m doing wrong here, cuz I sure don\'t! We have a certain page on our site which has account balance information on it, and we want to make it secure with SSL.But w

I really hope someone knows what I'm doing wrong here, cuz I sure don't!

We have a certain page on our site which has account balance information on it, and we want to make it secure with SSL. But we only want this one particular page to be secure. I have the following in the localhost:80 virtualhost, and it works perfect:

RewriteCond %{HTTPS} off
RewriteCond %{SCRIPT_FILENAME} \/account\.php(.*) [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [QSA,L]

However, as you might guess, we want all other pages to just use HTTP. So I stuck this little snippet into my localhost:443 virtualhost:

RewriteCond %{HTTPS} on
RewriteCond %{SCRIPT_FILENAME} !\/account\.php(.*) [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [QSA,L]

...And that's when the problem happens. I have no problems going back to HTTP, but when I click the link开发者_如何学Go to go to the account page, it changes to HTTPS but I immediately get an error 302 response. I do not get this response when I remove either one of those rewrite rules, it only happens when they are both there.

I have tried replacing [QSA] with [R] and [R=301], to no avail.

(I'm aware that the %{HTTPS} on/off is a bit redundant ;))

So I have two questions:

  1. Is there something I am forgetting or doing wrong that might be causing this?
  2. Is using [QSA] redundant with $1? We use the GET method a lot to specify pages and what not.

We are using PHP 5.2.9 and Apache 2.

Many thanks in advance!!

Brian


Whilst it's on here (and not moved to serverfault).. try

RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/account\.php https://%{HTTP_HOST}/account.php [R=301,QSA,L]

HTTP/1.1 302 = Found (and is not an error code), but temporarily at another location.

EDIT Actually, whilst you are putting the code in separate VirtualHosts, you may as well do

(In :80) 
RewriteRule ^/account\.php https://%{HTTP_HOST}/account.php [R=301,QSA,L]

(in :443)
RewriteCond %{REQUEST_URI} !/account\.php$
RewriteRule ^(.*) http://%{HTTP_HOST}$1 [R=301,QSA,L]
0

精彩评论

暂无评论...
验证码 换一张
取 消