Hi,the problem is that if a site which shouldn't be served by https is called by http your first rewriterule sets ps:https but the first rewriterule after #[2] isn't used because HTTPS is not on.
I think you can also have your desired effect much more easier like this: #[1] all /user, /subscription and /login pages should be served in https RewriteRule /user https://%{HTTP_HOST}%{REQUEST_URI} [R,L] RewriteRule /subscription https://%{HTTP_HOST}%{REQUEST_URI} [R,L] RewriteRule /login https://%{HTTP_HOST}%{REQUEST_URI} [R,L] #[2] For all other pages, if in https mode, serve the page in http mode. RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [R,L] Kind regards Reinhard On 21/05/10 22:58, Beto Limoun wrote:
Hello group, I am working on the mod_ssl configuration on a website and trying to achieve following: When a user accesses a page posting sensitive data to the server, the page should be accessed in httpS mode. What I am doing to achieve this is that I have a set of rewrite rules that will match the URI and invoke the httpS page. [1] This seems to be working fine. The problem I am facing is that when in httpS mode I select a page that is supposed to be accessed in http mode, apache still calls it in httpS mode. I have added some rewrite rules to prevent this [2], but they somehow get ignored. Example: Being in httpS://localhost/myapp/user/register I click on the linked home page logo image and expect to be resent to http://localhost/myapp/ but land instead in httpS://localhost/myapp/ I would appreciate if you can suggest a more elegant solution from your own experience of a fix to my config below. Many thanks in anticipation. Beto # # # RewriteLog "/private/var/log/apache2/rewrite.log" RewriteLogLevel 9 Options +FollowSymlinks RewriteEngine on #[1] all /user, /subscription and /login pages should be served in https RewriteCond %{HTTPS} =on [OR] RewriteCond %{HTTPS} !=on RewriteRule ^(.+)$ - [env=ps:https] RewriteRule ^.*/user(.*) %{ENV:ps}://%{HTTP_HOST}%{REQUEST_URI} [R,L] RewriteRule ^.*/subscription(.*) %{ENV:ps}://%{HTTP_HOST}%{REQUEST_URI} [R,L] RewriteRule ^.*/login(.*) %{ENV:ps}://%{HTTP_HOST}%{REQUEST_URI} [R,L] #[2] For all other pages, if in https mode, serve the page in http mode. RewriteCond %{HTTPS} =on RewriteCond %{REQUEST_URI} !^/(user.*|login.*|subscription.*) RewriteRule ^(.+)$ - [env=ps:http] RewriteRule ^(.+)$ %{ENV:ps}://%{HTTP_HOST}%{REQUEST_URI} [R,L] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See<URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx