Justin Pasher wrote:
Actually, ignore everything I just said. All this time I thought that
was what apache was doing, but it's actually occurring after the
mismatched server name warning is presented. The rewrite rule will
still catch the request and redirect them to https://www.csulb.edu,
but not until after the warning has already been issued.
Heh, no worries ;)
However, I think you might be able to help me solve a few of the problem
cases. Here's what's going on. I have a message forum running at
http://www.csulb.edu/itforums. When you hit the site there is an
.htaccess directive that automatically redirects you to to the SSL
version of the site:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
This works great, except when someone types csulb.edu/itforums in their
browser. They then get redirected to https://csulb.edu/itforums and
receive a certificate error. I can't really fix the case of someone
typing https://csulb.edu/itforums (which will probably be rare), I can
still take care of the other cases: having both
http://www.csulb.edu/itforums and http://csulb.edu/itforums forward to
https://www.csulb.edu/itforums. I tried to do this but my rewrite
statements don't seem to work right:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !www
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI}
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} www
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Here are some test pages where I've applied the above directives:
http://csulb.edu/projects/itforums/dev/ ->
https://www.csulb.edu/projects/itforums/dev/
The above correctly updated the URL and is running SSL
http://www.csulb.edu/projects/itforums/dev/ ->
http://www.csulb.edu/projects/itforums/dev/
The above doesn't work correctly as it doesn't go SSL
Notice the second case doesn't forward to https. Any idea why?
Thanks!
Mike
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]