Hi Folks,

I'm new to the manual side of web administration, and am using Apache2 in a 
Debian Linux distribution.

I was asked by my boss to set up a situation where we force SSL on certain 
portions of a website, and turn it off when the viewer goes to another page on 
the site. I have decided to use mod_rewrite to do so.  I've read through and 
have come up with the below code.  

This set of code is on the base port 80 site.  I have created this code with 
the intent to rewrite the URL to SSL if the page is not the string.  

        RewriteCond %{REQUEST_URI} !^/
        RewriteCond %{REQUEST_URI} !^/home   
        RewriteCond %{REQUEST_URI} !^/insurance-tips 
        RewriteCond %{REQUEST_URI} !^/add-a-tip  
        RewriteCond %{HTTPS} !=on  
        RewriteRule .* https://www.website.com/$1 [R,L]


This set of code, I have written on the 443 SSL site.  

        RewriteCond %{REQUEST_URI} ^/home
        RewriteCond %{REQUEST_URI} ^/insurance-tips
        RewriteCond %{REQUEST_URI} ^/add-a-tip
        RewriteCond %{HTTPS} =on
        RewriteRule ^/(.*) http://www.website.com/$1 [R,L]

When you first go to the site, it behaves as I want it to and leaves everything 
as HTTP.  But when you go back to the home page, it is supposed to remove the 
HTTPS, but it does not.  I'm hoping that someone can critique my code here and 
tell me where I've gone wrong.  I appreciate any feedback.


Thanks!

Ian Stradling



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Reply via email to