Home / server / Questions / 311699
Accepted
Tom
Asked: 2011-09-16 02:13:47 +0800 CST

Redirect HTTPS to HTTP except for specific URL

  • 772

We'd like to redirect all HTTPS traffic to HTTP except for a specific URL which is /user/login

So far we've got:

RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^user/login(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

But it's causing a redirect loop, when it redirects back to HTTP

apache-2.2 .htaccess redirect https

3 Answers

  1. Something like this should work:

    RewriteEngine on
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/user/login
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R,L]

    But this doesn't make much sense for me. It would be better if you redirect only requests to /user/login via SSL and leave everything else as it is:

    RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule /user/login(.*) https://%{HTTP_HOST}/user/login$1 [R,L]
    • 5
  2. Best Answer

    I believe this should do the trick:

    RewriteEngine On
RewriteBase /

# Turn SSL on for /user/login
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/user/login
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

# Turn SSL off everything but /user/login
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/user/login
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]

    The above will do the following:

    1. User types: https://yourdomain.com/user/login - no redirect
2. User types: http://yourdomain.com/user/login -> redirect to: https://yourdomain.com/user/login
3. User types: https://yourdomain.com/somerandomfile.php -> redirect to: http://yourdomain.com/somerandomfile.php
4. User types: http://yourdomain.com/somerandomfile.php - no redirect
    • 3

  3. You are looking for redirect when the URI does not match with /user/login/?? here is the answer.

    https://stackoverflow.com/questions/7084048/apache-redirect-regexp-match-something-that-is-not-following-something/7084117#7084117

    • -1