Toggle http/https based on REQUEST_URI

Fix it!!

Toggle http/https based on REQUEST_URI

Postby jazzido » Thu Sep 29, 2005 9:49 am

Hello everybody,

I'm trying to write a set of RewriteRules that allow me to redirect visitors to the https server for my site only for certain locations (URIs).

This is what I was able to do so far, but I'm having problems with the last RewriteRule.

Code: Select all
# If we're on SSL, and requested location is not 'sensitive'
# redirect to http
RewriteCond %{SERVER_PORT} =443
RewriteCond %{REQUEST_URI} !(signup/.+)
RewriteCond %{REQUEST_URI} !(user/.+/update_cc)
RewriteCond %{REQUEST_URI} !(signup_paid.*)
RewriteRule ^(.*)$ http://%{SERVER_NAME}/$1 [R,L]

# If we're unencrypted and requested location is 'sensitive',
# redirect to https
RewriteCond %{SERVER_PORT} =80
RewriteCond %{REQUEST_URI} signup/.+ [OR]
RewriteCond %{REQUEST_URI} user/.+/update_cc [OR]
RewriteCond %{REQUEST_URI} signup_paid.*
RewriteRule ^(.*)$ https://%{SERVER_NAME}/$1 [L,R]

RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]


So, if a visitor requests http://myserver.com/signup_paid, Apache redirects him to https://myserver.com/signup_paid.

Now, the new request to https://myserver.com/signup_paid causes a redirect to http://myserver.com/dispatch.fcgi, which is incorrect because the rule dealing with dispatch.fcgi doesn't even specifies a Redirect!

I'm stuck here, and any help will be *really* appreciated.

Thanks,

Manuel
http://jazzido.freezope.org/
jazzido
 
Posts: 1
Joined: Thu Sep 29, 2005 9:20 am

Return to Security with Mod_Rewrite

Who is online

Users browsing this forum: No registered users and 16 guests

cron