HTTPS/HTTP redirects via .htaccess

I have a somehow complicated problem I am trying to solve.
I've used the following .htaccess directive to enable some sort of Pretty URLs, and that worked fine. For example, http://myurl.com/shop would be redirected to http://myurl.com/index.php/shop, and that was well working (note that stuff such as myurl.com/css/mycss.css) does not get redirected:

RewriteEngine on
RewriteCond ${REQUEST_URI} !^(index\.php$)
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteRule ^/?(.*)$ index.php/$1 [L]

But now, as I have introduced SSL to my webpage, I want the following behaviour:
I basically want the above behaviour for all pages except admin.php and login.php. Requests to those two pages should be redirected to the HTTPS part, whereas all other requests should be processed as specified above.

I have come up with the following .htaccess, but it does not work. htps://myurl.com/shop does not get redirected to htp://myurl.com/index.php/shop, and htp://myurl.com/admin.php does not get redirected to htps://myurl.com/admin.php.

RewriteEngine on

RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^(admin\.php$|login\.php$)
RewriteRule ^(.*)$ http://%{HTTP_HOST}/${REQUEST_URI} [R=301,L]

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^(admin\.php$|login\.php$)
RewriteRule ^(.*)$  https://myurl.com/%{REQUEST_URI} [R=301,L]

RewriteCond %{REQUEST_URI} !^(index\.php$)
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteRule ^/?(.*)$ index.php/$1 [L]

I know it has something to do with rules overwriting each other, but I am not sure since my knowledge of Apache is quite limited. How could I fix this apparently not that difficult problem, and how could I make my .htaccess more compact and elegant?

Help is very much appreciated, thank you!

RewriteEngine on RewriteCond %{HTTPS} on RewriteCond %{REQUEST_URI} !^/(admin\.php$|login\.php$) RewriteRule ^(.*)$ http://%{HTTP_HOST}${REQUEST_URI} [R=301,L] RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} ^/(admin\.php$|login\.php$) RewriteRule ^(.*)$ https://myurl.org%{REQUEST_URI} [R=301,L] RewriteCond %{REQUEST_URI} !^/(index\.php$) RewriteCond %{SCRIPT_FILENAME} !-f RewriteCond %{SCRIPT_FILENAME} !-d RewriteRule ^/?(.*)$ index.php/$1 [L]

Best Answer

I have to answer this way, because my temporary account (i.e. cookie) is lost. Anyway, I found some interesting things.

I've fixed the issue with the leading / in REQUEST_URI, which you told me about.

I entered the RewriteLog and RewriteLogLevel directives in the global Server configuration (which should apply to HTTP AND HTTPS, right?).

Then I found out that all HTTP requests got processed correctly and as wished (!), as I saw in the log, but requests with HTTPS didn't get logged at all! So I assume that either the logging is not correctly configured OR (and that's what I fear) that requests over HTTPS do not even go through the mod_rewrite procedure.

Once again, I am using an .htaccess file to set my rewrite rules.

So the actual problem at hand right now is that everything over HTTP gets correctly rewritten, but when I have a request such as https://myurl.org/shop, I want it to be redirected to http://myurl.org/shop, because it is neither admin.php nor login.php.

And I didn't understand the part with " (no need for a separate RewriteCond at all, really).". Thank you!

Below my updated .htaccess file.

Best Answer

Related Solutions

NGINX Redirect – How to Rewrite All HTTP Requests to HTTPS While Maintaining Sub-Domain

Correct way in new versions of nginx

Apache encodes URL while rewriting

Related Topic