got it to work!! Here's the code that some people helped me out with:
RewriteCond %{HTTPS} off
RewriteCond %{QUERY_STRING} ssl=true
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteCond %{HTTPS} on
RewriteCond %{QUERY_STRING} !ssl=true
RewriteCond %{REQUEST_METHOD} GET
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}
Thanks!!
Mike
Mike Soultanian wrote:
Well, I
think I kinda got it, but it doesn't seem to work right:
RewriteEngine On
RewriteCond %{QUERY_STRING} ssl=true [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
So, I would think that should search for anything after the path that
contains ssl=true and if it finds it, it will rewrite the URL with
https in front of it. However, it generates an error. Take a look:
https://gaggle.its.csulb.edu/itforums/index.php?ssl=true
take off the ssl=true and everything works fine:
https://gaggle.its.csulb.edu/itforums/index.php?
I don't get it because this is what I used before to force full-time
SSL and never had these issues:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
and the only thing I changed was the rewrite condition... errrrr...
any help would be much appreciated!!
Thanks!
Mike
Mike Soultanian wrote:
Hey Everyone,
I currently run phpbb and there is no facility to force SSL during
logins only - it's only full-time SSL or not. Because I have to
encrypt logins, I do the following in my .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
This essentially forces full-time SSL, which is kinda ok, but I'm
running into weird phpbb quirks (SSL write delays) so I'd like to try
and enable SSL only during logins.
Since it is difficult to manipulate the protocol section of the URL in
the phpBB code (http/https), I am thinking of appending a url variable
whenever a user is redirected to the logon page that would look like
this:
https://mysite.com/forums/posting.php?mode=post&f=3&ssl=true
And my hope was that I could have the rewrite mod look at the url and
see if it contains ssl=true, and if so, force https.
Seem doable? I would think searching a URL should be pretty simple,
but I am not very well versed in regular expressions. I was hoping
someone could help me write the rewrite condition to search for a
string.
Thanks!
Mike
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|
