I am thinking that the way the page is put into https is the problem. The php code tests if the page is in https, and if not, redirects it using REQUEST_URI. So that is probably causing the loop or other problems. I think I have to resolve this aspect before working on the rules further.
But yes, probably separate handling would be simplest.