You'll need to mod_rewrite, because the mod_alias redirect directives are unconditional. With mod_rewrite, you can check the Requested URL using a pattern in the RewriteRule, and check the current connection by using RewriteCond to examine %{SERVER_PORT} to see whether it is 80 (HTTP) or 443 (HTTPS). In this way, you can do the redirect only when the URL pattern matches the URL you want to redirect, and only when the current port is 443, indicating an HTTPS connection.

See the documentation and tutorials cited in our Forum Charter [webmasterworld.com] to get started.

Jim

Thank you so much for your advice! I am still unsure about something.

What if the connection is unsecure to begin with (80)?

The problem is that a https page was indexed by google. So if the traffic coming in to the page is from Google, won't it be coming in as http traffic? Or am I thinking about this wrong?

Hi

I am trying to do exactly the same thing in my htaccess file because google has awarded a PR rank to some html pages when viewed through https but no PR when viewed through http.

From the documentation, it looks like putting [R=301,L] at the end of the RewriteRule would force an external redirection so Google should transfer the PR from the https to the http page. (Hopefully! )

However, I am having trouble getting my code to work. I have added the following to the end of my htaccess file but I can still view the https page in browser.

RewriteEngine On
RewriteCond %(SERVER_PORT) ^443$
RewriteRule ^(dev/dev-home\.html)?$ [mysite.co.uk...] [R=301,L]

Any ideas?
Thanks

If you want to force ssl mode for your site use this

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) [%{SERVER_NAME}...] [R=301,L]

If you want to force non-ssl mode for your site use this

RewriteEngine On
RewriteCond %{HTTPS} =on
RewriteRule ^/?(.*) [%{SERVER_NAME}...] [R=301,L]

Ok, thanks.

The problem is that some pages on this site must run under https and other don't need SSL at all. So the solution needs to be page specific rather than general.

But we don't want to force it for the whole site, just one page.

Does this mean that modifying the code as shown below will work for me?

RewriteEngine On
RewriteCond %{HTTPS} =on
RewriteRule ^/?(.*) [%{SERVER_NAME}...] [R=301,L]

RewriteEngine On
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} ^/SPECIFICFILE\.html [NC]
RewriteRule ^/?(.*) [%{SERVER_NAME}...] [R=301,L]

OK, I will give this a shot... but I see another question coming, so I will just shoot it off now.

What if I have several specific pages that need redirected? What is the most efficient way to do this? Would it be the code below?

RewriteEngine On
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} ^/SPECIFICFILE\.html [NC]
RewriteCond %{REQUEST_URI} ^/SPECIFICFILE2\.html [NC]
RewriteCond %{REQUEST_URI} ^/SPECIFICFILE3\.html [NC]
RewriteRule ^/?(.*) [%{SERVER_NAME}...] [R=301,L]

You'd better use [OR] flag to indicate either of all those URIs need to be rewritten. Alternatively, you can use the mapping feature of mod_rewrite. Map allows you to provide a replacement-table stored in a single text file, or even served through an external program!

Note that the %{HTTPS} variable is not available in all servers in all contexts. That is the reason I suggest using %{SERVER_PORT} instead.

Similarly, redirecting to %{SERVER_NAME} may give unexpected results if the ServerName is set to example.com, while your preferred hostname is www.example.com or vice-versa. I suggest hard-coding the hostname (domain name) when feasible, or using %{HTTP_HOST} if not. If you do this, then you can use a separate 301 redirect rule for domain canonicalization, without having %{SERVERNAME} force a non-canonical domain unexpectedly.

Jim

OK, I think I understand it all, but that doesn't make me any more skilled at actually implementing this. Is there any way that someone could take all of these suggestions and whip me up all of he code necessary to take all of this in to consideration. <snip>

Thanks.

[edited by: jdMorgan at 9:19 pm (utc) on Feb. 11, 2009]
[edit reason] No soliciting. Please see Terms of Service. [/edit]

Post your best shot, and we'll add any corrections.

OK, I think I have it... but I am perceiving that server response time seems to be slowing down... though this could be do to a different issue. Does this look correct?

RewriteEngine On
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} ^/EXAMPLE1\.php [NC,OR]
RewriteCond %{REQUEST_URI} ^/EXAMPLE2\.php [NC,OR]
RewriteRule ^/?(.*) http://www.example.com/$1 [R=301,L]

[edited by: jdMorgan at 9:34 pm (utc) on Feb. 11, 2009]
[edit reason] example.com [/edit]

That looks OK, ignoring the caveat about the %{HTTPS} variable posted above. But if you're concerned about performance, make the RewriteRule pattern more specific. This avoids processing the RewriteConds for most HTTP requests to your server (e.g. image and other included-object requests), since RewriteConds are not processed unless the RewriteRule pattern matches:

RewriteEngine on
#
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} ^/EXAMPLE1\.php$ [NC,OR]
RewriteCond %{REQUEST_URI} ^/EXAMPLE2\.php$ [NC,OR]
RewriteRule ^/?(.+\.php)$ http://www.example.com/$1 [R=301,L] 

Either way, the execution time of this rule will be trivial compared to everything else on your server. Mod_rewrite code is quite efficient when compared to standard scripting languages such as PHP, the use of which is quite common; You won't find many people worried about the performance impact of executing four lines of PHP code.

Jim

That's what I thought, I'm just paranoid b/c the stakes are high if you screw this kind of stuff up. Thank you so much for your help.

P.S. Nothing personal with the %{HTTPS}. Changing it was just one more thing for me to screw up as far as I was concerned. I like to go the lazy / safe route whenever possible.

Jake

Lazy/safe long term, or lazy/safe short term? I simply prefer the more-widely-supported method in case one of my sites is later moved to a different server configuration which doesn't make the HTTPS variable available in the context when/where I need it. One less "Murphy's Law" problem to chase down... :)

Jim

Until they increase their SEM budget... short term ;-)