Welcome to WebmasterWorld Guest from 54.225.58.238

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

accessing other files when using ssl

     
8:05 pm on Oct 27, 2006 (gmt 0)

Junior Member

10+ Year Member

joined:May 2, 2004
posts:82
votes: 0


I am implementing ssl in a site and I am forcing https in certain directories by using the following in .htaccess

RewriteCond %{SERVER_PORT}!^443$
RewriteRule (.*) [mydomain.co.uk...] [R=301,L]

As I have read in several places that SE’s can recognise https instead of http I am thinking of forcing http from root.

RewriteCond %{SERVER_PORT}!^80$
RewriteRule (.*) [mydomain.co.uk...] [R=301,L]

However I found that I get multiple warnings from IE because my css file and a few images are being called from non-secure locations.

I can make a secure directory with all the files & images I need but that is a duplication and I would like to find a smarter alternative.

Any suggestions?

Thanks

Ray…

11:07 pm on Oct 27, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


Try using *NIX symlinks (symbolic links), for example, symlinking a "new" secure css directory to the pre-existing non-secure css file directory. You can then force SSL on the new secure directory, which will appear to contain copies of the symlinked files. Not ideal, perhaps, but it prevents having to have real copies of the files in two directories.

Jim

4:03 am on Nov 4, 2006 (gmt 0)

New User

10+ Year Member

joined:Jan 11, 2006
posts:19
votes: 0


I used to run into this problem consistently and finally I found something that worked.

On on of my secure sites, lets say [example.com...] I wanted to give my visitors the option to post youtube videos and google videos. But then everyone kept seeing the "warning, mixed secure/non-secure content" on a page that had one of these videos.

I basically did a str_replace on all posts text for [video.google.com...] and [youtube.com...] to change them to [example.com...]

Then I used the following rewrite code:

RewriteEngine On
RewriteBase /
RewriteRule ^htaccess/googleplayer\.swf(.*)$ http://video.google.com/googleplayer.swf$1 [L]
RewriteRule ^htaccess/youtube/(.*)$ http://www.youtube.com/$1 [L]

and it worked!

But one caveat, this wouldn't turn the warning messages off in IE < version 7, so I added some simple HTML to the head of all my pages that only show up for people using IE < version 7.

<!--[if lt IE 7]>
<span id="ie7">Please Upgrade:
<a href="http://www.microsoft.com/windows/ie/downloads/default.mspx?mg_id=10013">IE 7!</a> ¦<a href="http://www.mozilla.com/en-US/">FF!</a></span>
<![endif]–>

Cool huh!

[edited by: jdMorgan at 1:29 pm (utc) on Nov. 4, 2006]
[edit reason] Examplified [/edit]

1:19 am on Nov 12, 2006 (gmt 0)

Junior Member

10+ Year Member

joined:May 2, 2004
posts:82
votes: 0


I eventually opted for two directories.

To make sure that I dont forget anything, I created a script that checks the files in the two directories and copies any newer or missing files across. I regularly call this using cron.

Not what I wanted to do, but it works.

Thanks fer yer help :)

2:25 am on Nov 12, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


With symlinks, you could have saved the bother. Simply create a "fake secure" directory, symlinked to the real directory. One directory, two filepath names. No copying or updating needed.

If you've only ever worked with Windows, a symlink is simliar to a Windows "Shortcut," but more powerful.

Jim

9:25 pm on Nov 12, 2006 (gmt 0)

New User

10+ Year Member

joined:Aug 30, 2005
posts:37
votes: 0


If you have your ssl virtualhost in your Appache config file pointing to the same document root as the non-ssl virtualhost for that domain then it should be able to serve any file from that directory as ssl or non ssl, I think.
I may be mistaken though but it works for me...

Chris