[support] http > https redirect

Gordon Heydon gordon at heydon.com.au
Mon Sep 24 13:40:58 UTC 2007 

Hi,

When you turn off both securepages and the apache .htaccess stuff can
you got to both the http and https pages without being redirected to the
other?

I think this problem is nothing to do with securepages or the .htaccess
stuff, it is something else in your configuration.

Gordon.

sander-martijn wrote:
> Securepages doesn't work properly.  It's actually exactly the same
> problem I see with my apache directives - when redirecting back from
> https it results in an endless loop of redirects, resulting in apache
> reporting "this page is redirecting in a way that will never resolve" -
> or maybe it's firefox that gives up I can't remember.
> 
> And I've seen the other post, but I definitely am not going down the
> multi-site path for one page.  That's like killing a cockroach with a
> shotgun.
> 
> Bill Fitzgerald wrote:
>> These two might also be helpful:
>>
>> http://drupal.org/project/securepages and http://drupal.org/node/37932
>>
>> Cheers,
>>
>> Bill
>>
>> sander-martijn wrote:
>>  
>>> Thanks - that is the easiest way, but only works if you want your
>>> entire site in https (https vastly slows down your site so I would
>>> almost never want that).  I need only one page to be https. 
>>> Redirecting TO https is no problem:
>>> RewriteCond %{SERVER_PORT} !^443$
>>> RewriteRule ^(contact/requestBook)$ https://s24863.gridserver.com/$1
>>> [R=301,L]
>>>   Redirecting back FROM https when you go to any of the other sites
>>> is what doesn't work - i either get an endless loop (resulting in
>>> apache failing) or it stays in https all the time:
>>> # Redirect non-secure pages to HTTP if requested by HTTPS
>>>   RewriteCond %{SERVER_PORT} ^443$
>>>   RewriteCond %{REQUEST_URI} !^contact/requestBook$
>>>   RewriteRule ^(.*)$ http://s24863.gridserver.com/$1 [R=301,L]
>>>   It has something to do with the way drupal rewrites urls - going to
>>> https the url is one thing but by the time it gets to the next
>>> condition (on the following line) to rewrite back to http if
>>> necessary it thinks it's something else.  so while it matches
>>> contact/requestBook as the request URI it won't match NOT
>>> contact/requestBook for the return url.
>>>
>>> I still haven't gotten this working and the securepages maintainer
>>> says he can't reproduce the problem with the module.  And the site
>>> goes live very soon.  I've seen many issues posted both on the
>>> drupal.org forums on problems with the apache solution above as well
>>> as on the module page for the maintainer - so I believe it has
>>> something to do with clean urls or someething like that and that
>>> there IS a solution - I just can't figure out what it is.
>>>
>>> Thanks
>>> .sander
>>>
>>>
>>> Chris Johnson wrote:
>>>    
>>>> Your situation may be vastly different from ours, so this may be of no
>>>> help at all.  But here is how we redirect HTTP to HTTPS for our sites
>>>> using Apache 2:
>>>>
>>>> <VirtualHost *:80>
>>>>     ServerName  www.example.com
>>>>     Redirect    /   https://www.example.com/
>>>> </VirtualHost>
>>>>         
>>> -- 
>>> ------------------------------------------------------------------------
>>>
>>> sander-martijn <mailto:sander at sander-martijn.com>
>>> interface developer | architect
>>> sander at sander-martijn.com <mailto:sander at sander-martijn.com>
>>> www.sander-martijn.com <http://www.sander-martijn.com>
>>>
>>> ------------------------------------------------------------------------
>>>     
>>
>>
>>   
>

More information about the support mailing list