Be aware that "HTTPS" is a variable which is not defined by Apache core -- It's defined by a non-core module, if I recall correctly. Therefore, robust solutions use SERVER_PORT and look for either (port=443) or (NOT port=443) to tell if the current access is HTTP or HTTPS.

As far as being of further help, we will need a comprehensive list of all cases where you wish to redirect HTTP to HTTPS or all cases where you do not wish to redirect HTTP to HTTPS, and of all cases where you wish to redirect HTTPS to HTTP or all cases where you do not wish to redirect HTTPS to HTTP.

The hard part is not the code, it's thoroughly defining the problem so you can code it correctly.

Jim

Thanks for the advise so far. I'll do the best I can to define the problem better.

What I'm trying to do is rewrite the following directory requests: /info, /action, and /registration to its https counterpart. All other requests should goto http only.

I've been using the redirect to get the these directories to https and that works fine.

Example:

Redirect /info [mydomain.com...]
Redirect /acton [mydomain.com...]
Redirect /registration [mydomain.com...]

When I test the redirects above it does redirect me as expected to https. However, I seem to be stuck in https for every other link I click on.

After reading your reply, there's a better way for me using rewrite.

I've seen and tried some of the examples in other posts but seem to be missing the boat. Can you shed some light?

Thanks.

Dave

I've tried this yet I'm always stuck in HTTPS.

#
# Redirect non-secure pages (/user, /register or /action) to HTTPS if requested by HTTP

RewriteCond %{SERVER_PORT}!^433$
RewriteRule ^/(registerŠuserŠaction)$ [example.com...] [R=301,L]

#
# Redirect non-secure pages to HTTP if requested by HTTPS

RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_URI}!^/(registerŠuserŠaction)$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]

Where is this code located -- In httpd.conf, conf.d, or in an .htaccess file? If in .htaccess, is it in the top-level web-accessible directory, or somewhere else. (Code in an .htaccess file must be located in part of the filesystem that will be traversed for any request upon which it is to act.)

Also, are you completely flushing your browser cache after every change to the code? If the code is in httpd.conf or conf.d, are you restarting your server?

Jim

Just making sure I've included all necessary details for the best response:

All rules are located in a file named mysite.conf where there are VirtualHosts defined. I'm including what in this file with modified url.

<VirtualHost *:80>
ServerName www.mysite.com
ServerAlias www.mysite.net mysite.com mysite.net dev.mysite.com dev.mysite.net vote.mysite.org

ServerAdmin info@mysite.com
PerlModule Apache::DBI
PerlRequire /web/tusa/conf/apache_preload.pl
Include /web/tusa/conf/apache.conf

<Location /admin>
Options +Includes
XBitHack on
</Location>

Redirect /donationonline.html [mysite.com...]
Redirect /donate [mysite.com...]

RewriteEngine on

#
# Redirect non-secure pages to HTTP if requested by HTTPS

RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_URI}!^/(registerŠuserŠaction)$
RewriteRule ^/(.*)$ [mysite.com...] [R=301,L]

#
# Redirect non-secure pages (/user, /register or /action) to HTTPS if requested by HTTP

RewriteCond %{SERVER_PORT}!^433$
RewriteRule ^/(registerŠuserŠaction)$ [mysite.com...] [R=301,L]

UseCanonicalName off

ScriptAlias /cgi-bin/ /web/tusa/cgi-bin/
CustomLog /var/log/httpd/tusa/access_log combined
ErrorLog /var/log/httpd/tusa/error_log
</VirtualHost>

<VirtualHost *:443>

SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/www.mysite.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/www.mysite.com.insecure
SSLCertificateChainFile /etc/httpd/conf/ssl.crt/sf_issuing.crt

ServerName www.mysite.com
ServerAlias www.mysite.net mysite.com mysite.net vote.mysite.org

Alias /usage /var/log/httpd/tusa/usage/

ServerAdmin info@mysite.com
PerlModule Apache::DBI
PerlRequire /web/tusa/conf/apache_preload.pl
Include /web/tusa/conf/apache.conf

<Location /admin>
Options +Includes
XBitHack on
</Location>

UseCanonicalName off

ScriptAlias /cgi-bin/ /web/tusa/cgi-bin/
CustomLog /var/log/httpd/tusa/access_log combined
ErrorLog /var/log/httpd/tusa/error_log
</VirtualHost>

Ok I figured out what was wrong. I needed to put one of the rules in the <VirtualHost *:443> like so:

RewriteEngine on

#
# Redirect non-secure pages to HTTP if requested by HTTPS

RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_URI}!^/(registerŠuserŠactionnetworkŠdonateŠdfaxŠfaxcenter)$
RewriteRule ^/(.*)$ [mysite.com...] [R=301]

I've encountered a problem with multiple rewriterules. This is since /donationonline.html is not fitting the same patern. How would I create a RewriteRule for /donationonline.html going to
[mysite.com...]

From my understanding A RewriteCond affects the single rewriterule which follows it. If you wish to affect more than one rule, you can either duplicate the RewriteCond(s) for each rewriterule, or you can change the sense of the logic so that the following rule is NOT executed based on the RewriteCond, and then use that rule to skip the original rule(s) so shouldn't this work?:

RewriteCond %{SERVER_PORT} ^443$
RewriteRule ^/donationonline.html$ [mysite.com...] [R=301]

Looks like it should, but two points:

1) If you don't need to run the output of this rule through subsequent RewriteRules for further URL changes, then use an [L] flag in addition to the [R=301] -- Make it [R=301,L]. Rule of thumb is to always use [L] unless you have a good reason not to.

2) Since this code is located in a <VirtualHost> container specific to port 443, it is not strictly necessary to include the port-based RewriteCond -- Since it's inside that vHost container, none of this code (including the RewriteCond) will execute if the port isn't 443.

Jim