Please help with page being redirected from http to https

Forum Moderators: phranque

Message Too Old, No Replies

Please help with page being redirected from http to https

ssl cert pages need to be redirected from http to https

CyberAtomic

11:45 pm on Aug 19, 2008 (gmt 0)

Hey everyone!

I need a little help.

I have a wordpress install that is using two particular pages to obtain credit card info and hence need to be https//

I've tried 301 redirects, rewrites, etc.. but they all end in loops.

I've tried this: (thinking I'm on the right track) but no luck.

RewriteRule "^/billpay/water-bill(/.*)" "https://%{HTTP_HOST}$1" [R=301,L]

I've also tried: redirect 301 /formpage/ [newdomain.com...]

But that results in a loop because the page is in effect redirecting itself.

I think the first example above is what I'm looking for, but I can't seem to get it to work.

Please help - I'm supposed to be going live and I can't until I get this working behind ssl.

Thanks for any help ya'll can give me!

jdMorgan

12:31 am on Aug 20, 2008 (gmt 0)

You need a conditional redirect -- redirect to SSL *only* if the request is not for SSL. Enter our friend, the "RewriteCond" directive:


# If not port 443 HTTPS
RewriteCond %{SERVER_PORT} !^443$
# Redirect payment page requests to HTTPS
RewriteRule ^/billpay/water-bill/(.*) https://%{HTTP_HOST}/billpay/water-bill/$1 [R=301,L]

I presume from your RewriteRule pattern that this code is going into a server-level config file, and not into .htaccess.

Jim

CyberAtomic

12:39 am on Aug 20, 2008 (gmt 0)

Actually, it is going into an .htaccess file. I can probably get something at the server level if I have to, but .htaccess would be much easier in this case.

Is it possible to do this - would this work in an .htaccess file?

Thank you for your quick response btw... I truly appreciate the help.

jdMorgan

1:22 am on Aug 20, 2008 (gmt 0)

If your RewriteRule was tested in an .htaccess file, it should not have looped -- Actually, the rule should never have been invoked at all, since the pattern would not match...

In .htaccess the URL 'seen' by RewriteRule is "localized" to the current directory -- In other words, the path to "this .htaccess file's" directory is stripped from the URL 'seen' by RewriteRule in that .htaccess file.

So in httpd.conf, conf.d, etc., we'd write the code like this:


# If not port 443 HTTPS
RewriteCond %{SERVER_PORT} !^443$
# Redirect payment page requests to HTTPS
RewriteRule [b]^/b[/b]illpay/water-bill/(.*) https://%{HTTP_HOST}/billpay/water-bill/$1 [R=301,L]

But in example.com/.htaccess, we'd need to change the RewriteRule pattern:


# If not port 443 HTTPS
RewriteCond %{SERVER_PORT} !^443$
# Redirect payment page requests to HTTPS
RewriteRule [b]^b[/b]illpay/water-bill/(.*) https://%{HTTP_HOST}/billpay/water-bill/$1 [R=301,L]

because the directory path to this .htaccess file is "/", so that gets removed.

Or in example.com/billpay/.htaccess it would be:


# If not port 443 HTTPS
RewriteCond %{SERVER_PORT} !^443$
# Redirect payment page requests to HTTPS
RewriteRule [b]^w[/b]ater-bill/(.*) https://%{HTTP_HOST}/billpay/water-bill/$1 [R=301,L]

I assume you have other working rules, and have the required Options settings and already have "RewriteEngine on" in your .htaccess file.

Jim

CyberAtomic

1:28 am on Aug 20, 2008 (gmt 0)

Beee-Utiful!

Thank you so much. That worked and I think I actually understand why, too.

Thanks again!