So when you echo $_SERVER['SERVER_PORT']; You get port 80 even if the url currently is https://www.yoursite.com ? If this is the case good luck. Because you have serious issues. Richard L. Buskirk -----Original Message----- From: Geoff Shang [mailto:geoff@xxxxxxxxxxxxxxx] Sent: Thursday, May 26, 2011 5:29 PM To: admin@xxxxxxxxxxxxxxxxxxx Cc: php-general@xxxxxxxxxxxxx Subject: RE: Detecting HTTPS connections under Apache On Thu, 26 May 2011, admin@xxxxxxxxxxxxxxxxxxx wrote: > The %{HTTPS} variable is not an Apache core variable. A more-portable > solution is to check %{SERVER_PORT} for port 80 or port 443 -- or for "not > port 80" or "not port 443." ah but this doesn't actually work for me, I get 80 regardless of whether I use HTTP or HTTPS, even if I use https://example.com:443 > Also, you're requiring an *exact* match on "not /user" or "not /admin," > meaning that directory and file paths below these directories will not be > matched -- They will always be redirected by the second rule. {snip other rewrite stuff} uh... I didn't say anything about matching URL patterns or the like. I just want my application to do whatever is already being done. And hard-coding URL paths is a bad idea because someone else might want to install the code under some other path. I don't really want to use rewrite rules to achieve this. If I did, every time my code redirects the browser, it will cause a rewrite from an HTTP URL to an HTTPS URL, which surely is inefficient. Surely it should be simple enough for me to detect whichever is being used and continue to use it. This makes my code separate from whatever the webmaster decides to do regarding being secure or not. Geoff. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
