[support] http > https redirect

sander-martijn sander at sander-martijn.com
Mon Sep 24 13:24:37 UTC 2007 

Securepages doesn't work properly.  It's actually exactly the same 
problem I see with my apache directives - when redirecting back from 
https it results in an endless loop of redirects, resulting in apache 
reporting "this page is redirecting in a way that will never resolve" - 
or maybe it's firefox that gives up I can't remember.

And I've seen the other post, but I definitely am not going down the 
multi-site path for one page.  That's like killing a cockroach with a 
shotgun.

Bill Fitzgerald wrote:
> These two might also be helpful:
>
> http://drupal.org/project/securepages and http://drupal.org/node/37932
>
> Cheers,
>
> Bill
>
> sander-martijn wrote:
>   
>> Thanks - that is the easiest way, but only works if you want your 
>> entire site in https (https vastly slows down your site so I would 
>> almost never want that).  I need only one page to be https.  
>> Redirecting TO https is no problem:
>> RewriteCond %{SERVER_PORT} !^443$
>> RewriteRule ^(contact/requestBook)$ https://s24863.gridserver.com/$1 [R=301,L]
>>   
>> Redirecting back FROM https when you go to any of the other sites is 
>> what doesn't work - i either get an endless loop (resulting in apache 
>> failing) or it stays in https all the time:
>> # Redirect non-secure pages to HTTP if requested by HTTPS
>>   RewriteCond %{SERVER_PORT} ^443$
>>   RewriteCond %{REQUEST_URI} !^contact/requestBook$
>>   RewriteRule ^(.*)$ http://s24863.gridserver.com/$1 [R=301,L]
>>   
>> It has something to do with the way drupal rewrites urls - going to 
>> https the url is one thing but by the time it gets to the next 
>> condition (on the following line) to rewrite back to http if necessary 
>> it thinks it's something else.  so while it matches 
>> contact/requestBook as the request URI it won't match NOT 
>> contact/requestBook for the return url.
>>
>> I still haven't gotten this working and the securepages maintainer 
>> says he can't reproduce the problem with the module.  And the site 
>> goes live very soon.  I've seen many issues posted both on the 
>> drupal.org forums on problems with the apache solution above as well 
>> as on the module page for the maintainer - so I believe it has 
>> something to do with clean urls or someething like that and that there 
>> IS a solution - I just can't figure out what it is.
>>
>> Thanks
>> .sander
>>
>>
>> Chris Johnson wrote:
>>     
>>> Your situation may be vastly different from ours, so this may be of no
>>> help at all.  But here is how we redirect HTTP to HTTPS for our sites
>>> using Apache 2:
>>>
>>> <VirtualHost *:80>
>>>     ServerName  www.example.com
>>>     Redirect    /   https://www.example.com/
>>> </VirtualHost>
>>>   
>>>       
>> -- 
>> ------------------------------------------------------------------------
>>
>> sander-martijn <mailto:sander at sander-martijn.com>
>> interface developer | architect
>> sander at sander-martijn.com <mailto:sander at sander-martijn.com>
>> www.sander-martijn.com <http://www.sander-martijn.com>
>>
>> ------------------------------------------------------------------------
>>     
>
>
>   

-- 
------------------------------------------------------------------------

sander-martijn <mailto:sander at sander-martijn.com>
interface developer | architect
sander at sander-martijn.com <mailto:sander at sander-martijn.com>
www.sander-martijn.com <http://www.sander-martijn.com>

------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20070924/29b79d88/attachment.htm

More information about the support mailing list