Welcome to WebmasterWorld Guest from 3.92.92.168

Forum Moderators: phranque

Message Too Old, No Replies

Switching to SSL

What to do with non-https objects?

     
5:47 pm on Jul 18, 2018 (gmt 0)

Junior Member

5+ Year Member

joined:Aug 15, 2010
posts: 43
votes: 0


Hi,
I just realized that https page will not load any non-https object (such as css, js, etc). Do I need to manually change all these urls to https on all my pages one at a time, or there is a smarter way (say, through htaccess)?
To be exact, those objects that have a relative url do load, only those with full url would not (for example, sub-domains refer to css file in root directory with full url pass).
1:50 pm on July 26, 2018 (gmt 0)

Senior Member

WebmasterWorld Senior Member Top Contributors Of The Month

joined:Nov 13, 2016
posts:1194
votes: 288


BTW - SSL is no longer used. It was replaced with TLS

More than replaced, it's banished since 2014. But I guess that people will continue to talk about SSL , ... the same way people (and this forum) continue to use GMT, in spite of the fact that it was replaced by UTC in ... 1972.
5:37 pm on July 26, 2018 (gmt 0)

Junior Member

5+ Year Member

joined:Aug 15, 2010
posts: 43
votes: 0


Don't "worry" for them.


OK, now I will not. (-:
5:47 pm on July 26, 2018 (gmt 0)

Junior Member

5+ Year Member

joined:Aug 15, 2010
posts: 43
votes: 0


@Lucy24
https://%{HTTP_HOST}
Don’t do this. Requests for http://example.com will then be sent to https://example.com while requests for http://www.example.com are sent to https://www.example.com and then half of those requests will have to be redirected all over again.


If I add this line would it take care of this?
RewriteCond %{HTTP_HOST} ^mydomain.com$
RewriteCond %{SERVER_PORT} 80


Although I did not do any redirects from non-www to www, most of my traffic goes to www , so I don't worry much about it, but thank you for noting this.
6:45 pm on July 26, 2018 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:15934
votes: 889


There needs to be an [OR] between the two conditions: “If the request is wrong in either of these ways, then redirect.”

And then you make a second rule, using only the HTTPS condition, to grab all other requests.
This 34 message thread spans 2 pages: 34