accessing other files when using ssl

Forum Moderators: phranque

Message Too Old, No Replies

accessing other files when using ssl

Wayder

8:05 pm on Oct 27, 2006 (gmt 0)

I am implementing ssl in a site and I am forcing https in certain directories by using the following in .htaccess

RewriteCond %{SERVER_PORT}!^443$
RewriteRule (.*) [mydomain.co.uk...] [R=301,L]

As I have read in several places that SE’s can recognise https instead of http I am thinking of forcing http from root.

RewriteCond %{SERVER_PORT}!^80$
RewriteRule (.*) [mydomain.co.uk...] [R=301,L]

However I found that I get multiple warnings from IE because my css file and a few images are being called from non-secure locations.

I can make a secure directory with all the files & images I need but that is a duplication and I would like to find a smarter alternative.

Any suggestions?

Thanks

Ray…

jdMorgan

11:07 pm on Oct 27, 2006 (gmt 0)

Try using *NIX symlinks (symbolic links), for example, symlinking a "new" secure css directory to the pre-existing non-secure css file directory. You can then force SSL on the new secure directory, which will appear to contain copies of the symlinked files. Not ideal, perhaps, but it prevents having to have real copies of the files in two directories.

Jim

cduke250

4:03 am on Nov 4, 2006 (gmt 0)

I used to run into this problem consistently and finally I found something that worked.

On on of my secure sites, lets say [example.com...] I wanted to give my visitors the option to post youtube videos and google videos. But then everyone kept seeing the "warning, mixed secure/non-secure content" on a page that had one of these videos.

I basically did a str_replace on all posts text for [video.google.com...] and [youtube.com...] to change them to [example.com...]

Then I used the following rewrite code:

RewriteEngine On
RewriteBase /
RewriteRule ^htaccess/googleplayer\.swf(.*)$ http://video.google.com/googleplayer.swf$1 [L]
RewriteRule ^htaccess/youtube/(.*)$ http://www.youtube.com/$1 [L]

and it worked!

But one caveat, this wouldn't turn the warning messages off in IE < version 7, so I added some simple HTML to the head of all my pages that only show up for people using IE < version 7.

<!--[if lt IE 7]>
<span id="ie7">Please Upgrade:
<a href="http://www.microsoft.com/windows/ie/downloads/default.mspx?mg_id=10013">IE 7!</a> ¦<a href="http://www.mozilla.com/en-US/">FF!</a></span>
<![endif]–>

Cool huh!

[edited by: jdMorgan at 1:29 pm (utc) on Nov. 4, 2006]
[edit reason] Examplified [/edit]

Wayder

1:19 am on Nov 12, 2006 (gmt 0)

I eventually opted for two directories.

To make sure that I dont forget anything, I created a script that checks the files in the two directories and copies any newer or missing files across. I regularly call this using cron.

Not what I wanted to do, but it works.

Thanks fer yer help :)

jdMorgan

2:25 am on Nov 12, 2006 (gmt 0)

With symlinks, you could have saved the bother. Simply create a "fake secure" directory, symlinked to the real directory. One directory, two filepath names. No copying or updating needed.

If you've only ever worked with Windows, a symlink is simliar to a Windows "Shortcut," but more powerful.

Jim

Citrus

9:25 pm on Nov 12, 2006 (gmt 0)

If you have your ssl virtualhost in your Appache config file pointing to the same document root as the non-ssl virtualhost for that domain then it should be able to serve any file from that directory as ssl or non ssl, I think.
I may be mistaken though but it works for me...

Chris