Re: Possible to force SSL based on URL Variable?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Well, I think I kinda got it, but it doesn't seem to work right:

RewriteEngine On
RewriteCond %{QUERY_STRING} ssl=true [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
So, I would think that should search for anything after the path that contains ssl=true and if it finds it, it will rewrite the URL with https in front of it. However, it generates an error. Take a look: 

https://gaggle.its.csulb.edu/itforums/index.php?ssl=true

take off the ssl=true and everything works fine:

https://gaggle.its.csulb.edu/itforums/index.php?
I don't get it because this is what I used before to force full-time SSL and never had these issues: 

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

and the only thing I changed was the rewrite condition... errrrr...

any help would be much appreciated!!

Thanks!
Mike



Mike Soultanian wrote:

Hey Everyone,
I currently run phpbb and there is no facility to force SSL during logins only - it's only full-time SSL or not. Because I have to encrypt logins, I do the following in my .htaccess file: 

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
This essentially forces full-time SSL, which is kinda ok, but I'm running into weird phpbb quirks (SSL write delays) so I'd like to try and enable SSL only during logins.
Since it is difficult to manipulate the protocol section of the URL in the phpBB code (http/https), I am thinking of appending a url variable whenever a user is redirected to the logon page that would look like this: 

https://mysite.com/forums/posting.php?mode=post&f=3&ssl=true
And my hope was that I could have the rewrite mod look at the url and see if it contains ssl=true, and if so, force https.
Seem doable? I would think searching a URL should be pretty simple, but I am not very well versed in regular expressions. I was hoping someone could help me write the rewrite condition to search for a string. 

Thanks!
Mike

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project. 
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux