We use cookies to help make our site work properly and to analyze how our site is used. Some are optional, but none contain your personal information, and we don't use any for ads. You can view our cookies policy, manage your cookie preferences, or consent and dismiss this banner by clicking agree:

Agree
ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

Forcing SSL on certain pages only

May 19, 2013 9:18pm

Subscribe [1]

  • #1 / May 19, 2013 9:18pm

    earbrain

    23 posts

    I recently had an SSL certificate installed on my server and was given the relevant code the server needs, I assume, in the .htaccess file:

    RewriteCond %{ENV:SECURE_REDIRECT} !=on
RewriteEngine On
RewriteCond %{ENV:SECURE_REDIRECT} !=on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

    I don’t don’t know what to do with REQUEST_URI, which—I’ve been told—is the key to this.

    I’ve tried the add-ons “ForceSSL” and “DMForceSSL,” but I’ve had no luck in getting just one pass-protected page on my domain to be in https. ForceSSL broke the other domains running on my server (my SSL certificate is for my main domain only), and while the DMForceSSL plugin leaves the other domains alone, I can’t get the suggested tags to specify a single specific template to force SSL.

    Any easy way to do this?

  • #2 / May 20, 2013 6:22pm

    earbrain

    23 posts

    All methods I’ve used have yielded unpredictable, inconsistent results, but I have got the https to work on one page in Firefox only. Safari and Camino don’t work. Why only Firefox? Here’s the new code in my .htaccess file:

    <IfModule mod_rewrite.c>

RewriteEngine On
RewriteBase /

# Force SSL on specific_page
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} ^/specific_page
RewriteCond %{HTTP_HOST} ^(www\.)?(.*)$ [NC]
RewriteRule ^(.*)$ https://%2/$1 [R=301,L,QSA]

# Remove SSL on other pages
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/specific_page
RewriteCond %{REQUEST_URI} !^/index\.php/specific_page
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L,QSA]

# Remove www. from URLs
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]

# Magic ExpressionEngine rule to remove index.php requirement from URLs    
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond $1 !\.(gif|jpe?g|png)$ [NC]
RewriteRule ^(.*)$ index.php/$1 [L]
</IfModule>

  • #3 / May 25, 2013 8:16pm

    earbrain

    23 posts

    Figured it out.

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases

© Packet Tide, All Rights Reserved. Legal Notices

Username

Password

Forgot password?
or Register