4 {{ upvoteCount | shortNum }}
4 {{ upvoteCount | shortNum }}

.htaccess Quick Q?!?! SSL

by scott g
3 replies
Ok so I have SSL on installed on a domain. I don't need all the pages to be secured (https) b/c there's no point... And if you're looking at the website in IE every time you visit a HTTPS page the pop-up warning box comes up...

I only want to have certain pages to load as HTTPS vs HTTP - such as the contact pages, submission forms, etc...

I know there's a way to 301 redirect specific pages to the HTTPS version of that page, but I just cant' figure out what that code is...!??!

Can anybody lend a helping hand!?

THANK YOU!
#htaccess #quick #ssl
  • Profile picture of the author Jerry Jackson
    Hey Scott,

    You shouldn't be getting a pop-up warning for any browsers - it's possible your security certificate is not installed correctly.

    I would suggest not using a 301 redirect, rather use the following and repeat it for other uri's:
    Code:
    RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} secure-folder 
RewriteRule ^(.*)$ https://www .mydomain.com/secure-folder/$1 [R,L]
    Note: remove space after "www"
    {{ DiscussionBoard.errors[3778621].message }}
    • Profile picture of the author phpbbxpert
      Originally Posted by Jerry Jackson View Post

      You shouldn't be getting a pop-up warning for any browsers - it's possible your security certificate is not installed correctly.
      Not true.
      All linked resources and links in general or anything pointing outside the https page must also be https or IE will pop up that warning message.

      Other browsers will not complain as bad, but they will usually not show the enlarged https highlighted favicon area in the beginning of the address bar.

      You need to go through the pages that are https and make sure all items in the page are also https.
      NOTE: if its an external link, and the SSL is not valid on their site, users will get a similar error and it will reflect on you for sending them there. So just don't change everything to https without knowing.
      {{ DiscussionBoard.errors[3780961].message }}
      • Profile picture of the author lordspace
        Yeah, IE *complains* even if 1 resource is outside of https.

        Also I've read somewhere that if you use Iframes then then their source should be javascript:false in order to avoid browser's warnings.

        <iframe id="ifrm" src="javascript:false"></iframe>

        weird.
        Signature

        Are you using WordPress? Have you tried qSandbox yet?

        {{ DiscussionBoard.errors[3794461].message }}

Trending Topics