Options     +FollowSymLinks
RewriteEngine  On

RewriteBase /

RewriteCond %{HTTP_HOST} . 
RewriteCond %{HTTP_HOST} !^www\.the-emporium.co.uk [NC] 
RewriteRule ^(.+)$ http://www.the-emporium.co.uk/$1 [R=301,L]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{HTTPS} =on
RewriteRule ^(.+)/$ https://www.the-emporium.co.uk/$1 [R=301,L]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{HTTPS} !=on
RewriteRule ^(.+)/$ http://www.the-emporium.co.uk/$1 [R=301,L]

RewriteCond %{HTTPS} =on
RewriteRule !^(cart|order-details|confirm-order|transaction-registration|order-successful|order-failed|account-details) http://www.the-emporium.co.uk%{REQUEST_URI} [R=301,L]

RewriteCond %{HTTPS} !=on
RewriteRule ^(cart|order-details|confirm-order|transaction-registration|order-successful|order-failed|account-details) https://www.the-emporium.co.uk%{REQUEST_URI} [R=301,L]

I have tried the above as well. Each time I put the penultimate rewrite in it fails. I have spent the last few days browsing this and other sites for the solution or something that might indicate where I am going wrong but have been unable to figure it out.

Can anybody see where I am going wrong?

The rule order is also incorrect, and the rules as-written will interfere with each other, causing chained/multiple redirects at best, and mis-operation at worst.

All external redirects should be listed first, in order from most-specific patterns and conditions (one or only a few requests affected) to least-specific patterns and conditions (more or many requests affected), followed by any internal rewrites -- again in order from most-specific to least-specific.

Access-control code, if any, should precede the external redirects.

Options +FollowSymLinks
RewriteEngine On
#
RewriteBase /
#
# Externally redirect HTTPS requests for non-secure pages to HTTP, also removing any
# trailing slash if present. Note that requests for object URL-paths shared between HTTP
# and HTTPS pages are excluded to prevent "Mixed secure/non-secure content" warnings.
RewriteCond %{HTTPS} =on
RewriteCond $1 !\.(gif|jpe?g|png|ico|css|js)$
RewriteCond $1 !^(cart|order-details|confirm-order|transaction-registration|order-successful|order-failed|account-details)/?$
RewriteRule ^(([^/]+/)*[^/]+)/?$ http://www.the-emporium.co.uk/$1 [R=301,L]
#
# Externally redirect HTTP requests for secure pages to HTTPS, also removing any trailing slash if present
RewriteCond %{HTTPS} !=on
RewriteRule ^(cart|order-details|confirm-order|transaction-registration|order-successful|order-failed|account-details)/?$ https://www.the-emporium.co.uk/$1 [R=301,L]
#
# Externally redirect to remove trailing slash, preserving the originally-requested HTTP/HTTPS
# protocol unless the requested URL-path resolves to a physically-existing directory
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{HTTPS}s ^(on(s)|offs)$
RewriteRule ^(.+)/$ http%2://www.the-emporium.co.uk/$1 [R=301,L]
#
# Externally redirect non-blank, non-canonical hostname requests to the canonical hostname, preserving
# the originally-requested HTTP/HTTPS protocol. Note that FQDN-format hostnames, hostnames having an
# appended port number, and mis-cased hostname requests will all get redirected.
RewriteCond %{HTTP_HOST} !^(www\.the-emporium\.co\.uk)?$
RewriteCond %{HTTPS}s ^(on(s)|offs)$
RewriteRule ^(.+)$ http%2://www.the-emporium.co.uk/$1 [R=301,L]

Some server configurations allow the use of the %{HTTPS} variable having a value of "on" to provide HTTP/HTTPS request status. Others must use the %{SERVER_PORT} variable having a value of "443" to provide this status. If you are not sure that the %{HTTPS} variable has been populated before your code executes, I suggest that you use the %{SERVER_PORT} method.

Delete or disable your browser cache before testing new server-side code.

Jim

Hi Jim,

Thank you so much for your response. I have tried the suggest resolution. Unfortunately it isn't working for me. The problem appears to be the first rule.

# Externally redirect HTTPS requests for non-secure pages to HTTP, also removing any
# trailing slash if present. Note that requests for object URL-paths shared between HTTP
# and HTTPS pages are excluded to prevent "Mixed secure/non-secure content" warnings.
RewriteCond %{SERVER_PORT} =443
RewriteCond $1 !\.(gif|jpe?g|png|ico|css|js)$
RewriteCond $1 !^(cart|order-details|confirm-order|transaction-registration|order-successful|order-failed|account-details)/?$
RewriteRule ^(([^/]+/)*[^/]+)/?$ http://www.my-site.co.uk/$1 [R=301,L]

This works fine for the pages that should be redirected to http however it is redirecting my https checkout pages to http and rewriting the uri to the actual file rather than the "nice" url i.e /cart goes to /cart_page.php. I am guessing that this is why it is also redirecting to http rather than staying https. Any idea why this might be?

Also on a side note i have referenced my website address and I can't figure out how to replace it with my-site by editing the posts. Is this possible?

Use example.com as it expressly reserved for this purpose.

The "owner edit" link is below your username on every post, but is only available for a short time after you post.

The rule above can only fail in the described manner if your secure pages are on a port other than 443.

If this is the case, then change the RewriteCond to indicate the correct SSL port number.

Additionally, the script filepaths will be exposed as URLs only if your rule order is incorrect: List all external redirects first, followed by your internal rewrites. Use the [L] flag on all rules, unless your know why you want to break that law.

This rule ordering requirement applies to all redirects and all rewrites across all config and .htaccess files -- fixing the problem may require 'promoting' redirects to higher-level files or moving rewrites to lower-level files, in order to guarantee that all redirect rules get processed before any rewrites can be invoked.

Jim