Apache SSL for login and NON-SSL for everything else (.htacces)
Posted
by
The Devil
on Server Fault
See other posts from Server Fault
or by The Devil
Published on 2011-01-30T20:42:03Z
Indexed on
2011/01/30
23:27 UTC
Read the original article
Hit count: 272
Hey
I've almost figured it out on my own but there's something I'm missing. I want to set a couple of directories and files to require SSL and everything else that's not related to those files and dirs to point back to http.
So far I have this:
RewriteEngine on
RewriteBase /
# Force ssl for login & admin
RewriteCond %{HTTPS} !on
RewriteRule ^/?(admin(.*)|login\.php)$ https://%{SERVER_NAME}/$1 [R,NC,L]
# Force non-ssl for others
RewriteCond %{HTTPS} on
RewriteRule ^/?(admin(.*)|login\.php)$ http://%{SERVER_NAME}/$1 [R,NC,L]
I'm sure I'm doing something wrong but I just can't figure it out.... The first condition works perfect - whenever I access login.php or /admin/ it points to https. But the second one doesn't...
Where have I mistaken ?
Thanks in advance!
© Server Fault or respective owner