开发者

.htaccess force ssl when not www

开发者 https://www.devze.com 2023-01-02 02:59 出处:网络
I have a site which uses ssl when accessing a subdomain which essentially is hosting the actual app, whereas the front end site is present at www, which I don\'t want to use ssl. So this would allow:
相关专题:.htaccessredirectssl

I have a site which uses ssl when accessing a subdomain which essentially is hosting the actual app, whereas the front end site is present at www, which I don't want to use ssl. So this would allow:

http://www.domain.com

but if somebody types:

http://secure.domain.com

they get forced to:

https://secure.domain.com

which when using this subdomain doesn't allow any non-ssl traffic.

Currently I have this in my .htaccess file:

RewriteCond %{HTTP_HOST} ^domain\.com [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]

RewriteCond "%{HTTP_HOST}" !^www.* [NC]
RewriteCond "%{HTTP_HOST}" ^([^\.]+).*$
RewriteRule ^(.*)$ https://secure.domain.com/a/login/%1 [R=301,L]

This works fine, but if I then edit the URI to remove the s from https it still loads the page but without ssl.

If I add:

SSLOptions +StrictRequire
SSLRequireSSL

to the top of the .htaccess file then it always forces the traffic to ssl, but that is for all s开发者_C百科ubdomains including www.

Is there a way to catch only the non-www traffic and force that to use ssl?

EDIT:

To clarify:

For example, if you are at: 

https://secure.domain.com/a/login/test

and the edit the URI to be 

http://secure.domain.com/a/login/test

then it still loads the page but not using ssl. But if I use 

SSLRequireSSL

then it forces the requirement for the entire site, and I don't want to use ssl at 

http://www.domain.com

SOLVED

After a bit of tweaking I have now solved this issue. What I did was edit the .htaccess file that was in the subdirectory where the application is: https://secure.domain.com/a/login/test and set it to detect if ssl was being used or not (I should add the rest of the .htaccess file is for the benefit of CodeIgniter):

RewriteEngine on

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

RewriteCond %{HTTPS} on
RewriteCond $1 !^(index\.php|images|includes|css|js|robots\.txt|favicon\.ico)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
0

上一篇:

:下一篇

更多 问答 相关资讯:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

关注公众号

热门标签

图文推荐

Delphi - Custom drawing a message list

Delphi - Custom drawing a message list
C++ header-only include pattern

C++ header-only include pattern
IE7 Margin Collapses Into Padding

IE7 Margin Collapses Into Padding
in CoffeeScript, how can I use a variable as a key in a hash?

in CoffeeScript, how can I use a variable as a key in a hash?
Interactive visualization of a graph in python [closed]

Interactive visualization of a graph in python [closed]
How to customise PHP MYSQL tables?

How to customise PHP MYSQL tables?
High quality, simple random password generator

High quality, simple random password generator
Image Recognition ApI in android

Image Recognition ApI in android

开发者开发者网给大家分享系统运维,大数据运维,云计算,编程开发技巧,路由交换,运维和开发相关的资讯及技术文章,同时StackOverflow中文社区,知识经验交流分享。

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,如存在版权或非法内容,欢迎举报,我们将尽快予以删除。邮箱:devze@qq.com

Copyright © 2018-2020 开发者. All rights reserved. Powered by 开发者ICP备案号: 京ICP备10032868号-9