Hey James, Your if-then is technically relatively easy to do with mod-rewrite. However, in real life you are likely to face unexpected problems when accessing "a diverse and historical range of applications" via two different channels, one being http and one being https. Fully qualified URLs in your application (a href="http://intranet.example.com/foo") will eventually bite you. You can redirect these GET requests too, but you can not easily redirect POST requests. It is possible that most of these problems can be solved. One by one. Sometimes you can get along by reconfiguring the application, sometimes you can do a rewrite trick, sometimes you have to be really agressive and rewrite the http response body. It is a lot of work and it very complicated. I mean you will learn a real lot about mod-rewrite and http in general, but do you really want to learn that much? Under the line: I would not attempt this. Stick with a single access channel and make this channel https for everyone. This might be annoying to start out with, but it keeps the complexity to a much lower level. regs, Christian --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx