Redirect HTTPS to HTTP except for specific URL
17,078
Solution 1
I believe this should do the trick:
RewriteEngine On
RewriteBase /
# Turn SSL on for /user/login
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/user/login
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
# Turn SSL off everything but /user/login
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/user/login
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]
The above will do the following:
1. User types: https://yourdomain.com/user/login - no redirect
2. User types: http://yourdomain.com/user/login -> redirect to: https://yourdomain.com/user/login
3. User types: https://yourdomain.com/somerandomfile.php -> redirect to: http://yourdomain.com/somerandomfile.php
4. User types: http://yourdomain.com/somerandomfile.php - no redirect
Solution 2
Something like this should work:
RewriteEngine on
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/user/login
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R,L]
But this doesn't make much sense for me. It would be better if you redirect only requests to /user/login via SSL and leave everything else as it is:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule /user/login(.*) https://%{HTTP_HOST}/user/login$1 [R,L]
Related videos on Youtube
Author by
Scott Ross
Updated on September 18, 2022Comments
-
Scott Ross over 1 year
We'd like to redirect all HTTPS traffic to HTTP except for a specific URL which is /user/login
So far we've got:
RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^user/login(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
But it's causing a redirect loop, when it redirects back to HTTP
-
Scott Ross over 12 yearsThanks. If we use HTTPS to serve the site then we lose the ability to cache pages with Varnish, so that's why I'd like to flip all HTTPS traffic back to HTTP except from the user login/account stuff, which we need to run over HTTPS
-
Scott Ross over 12 yearsThis still appears to send anyone visiting example.com/user/login to example.com/user/login ?
-
Scott Ross over 12 yearsNope, that's not what I'm looking for
-
Felipe Alcacibar over 12 yearstalks about the same in your chosed as correct answer =) the key is the negation operator