Here is what I've gleaned from the log I started. FYI, I clicked on a link within the website that is supposed to go to ../insurance-tips/ Anything related to /insurance-tips, /add-a-tip, /home, and / are supposed to NOT be HTTPS...yet, whenever I click on the 'insurance-tips' link, it comes up as HTTPS.
69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (2) init rewrite engine with requested uri /insurance-tips/40/54-front-end-capabilities 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (3) applying pattern '^(.*)' to uri '/insurance-tips/40/54-front-end-capabilities' 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (4) RewriteCond: input='www.woodsins.com' pattern='=webmail.woodsins.com' => not-matched 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (3) applying pattern '^(.*)' to uri '/insurance-tips/40/54-front-end-capabilities' 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (4) RewriteCond: input='www.woodsins.com' pattern='=admin.woodsins.com' => not-matched 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (3) applying pattern '/' to uri '/insurance-tips/40/54-front-end-capabilities' 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (4) RewriteCond: input='/insurance-tips/40/54-front-end-capabilities' pattern='^/$' => not-matched 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (3) applying pattern '/' to uri '/insurance-tips/40/54-front-end-capabilities' 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (4) RewriteCond: input='/insurance-tips/40/54-front-end-capabilities' pattern='^/home' => not-matched 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (3) applying pattern '/' to uri '/insurance-tips/40/54-front-end-capabilities' 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (4) RewriteCond: input='/insurance-tips/40/54-front-end-capabilities' pattern='^/insurance-tips/$' => not-matched 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (3) applying pattern '/' to uri '/insurance-tips/40/54-front-end-capabilities' 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (4) RewriteCond: input='/insurance-tips/40/54-front-end-capabilities' pattern='^/add-a-tip/$' => not-matched 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (3) applying pattern '/' to uri '/insurance-tips/40/54-front-end-capabilities' 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (4) RewriteCond: input='/insurance-tips/40/54-front-end-capabilities' pattern='^/index.php/$' => not-matched 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (1) pass through /insurance-tips/40/54-front-end-capabilities 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (3) [perdir/home/woodsins/public_html/] add path info postfix: /home/woodsins/public_html/insurance-tips -> /home/woodsins /public_html/insurance-tips/40/54-front-end-capabilities 69.39.19.253 - - [03/Mar/2011:14:43:10 --0700] [www.woodsins.com/sid#819b968][rid#85260c8/initial] (3) [perdir /home/woodsins/public_html/] strip per-dir prefix: /home/woodsins/public_html/insurance-tips/40/54-front-end-capabilities -> insurance-tips/40/54-front-end-capabilities -----Original Message----- From: Eugene [mailto:eugene.lyse...@gmail.com] Sent: Thursday, March 03, 2011 10:55 AM To: users@httpd.apache.org Subject: RE: [users@httpd] Rewrite Conditions & Rules My mistake. Bottom part must be like this: RewriteCond %{REQUEST_URI} ^/$ RewriteCond %{HTTPS} on RewriteRule / http://www.website.com%{REQUEST_URI} [R,L] RewriteCond %{REQUEST_URI} ^/home RewriteCond %{HTTPS} on RewriteRule / http://www.website.com%{REQUEST_URI} [R,L] RewriteCond %{REQUEST_URI} ^/insurance-tips RewriteCond %{HTTPS} on RewriteRule / http://www.website.com%{REQUEST_URI} [R,L] RewriteCond %{REQUEST_URI} ^/add-a-tip RewriteCond %{HTTPS} on RewriteRule / http://www.website.com%{REQUEST_URI} [R,L] -----Original Message----- From: Ian Stradling <i...@impalanetworks.com> Reply-to: "users@httpd.apache.org" <users@httpd.apache.org> To: users@httpd.apache.org <users@httpd.apache.org> Subject: RE: [users@httpd] Rewrite Conditions & Rules Date: Thu, 3 Mar 2011 17:39:33 +0000 No, unfortunately it doesn’t. When a visitor first goes to the website, it stays in HTTP. As soon as a visitor clicks on one of the HTTPS links, the rewrite rules will force HTTPS for the rest of the time that the visitor is on the site regardless of the links they click on. I need the Rewrite rules to be able to take it out of HTTPS when they click on a portion of the site that isn't HTTPS. The code all looks like it should work, but there's something strange going on with it. It looks like the second set of code isn't firing. -----Original Message----- From: Eugene [mailto:eugene.lyse...@gmail.com] Sent: Thursday, March 03, 2011 9:33 AM To: users@httpd.apache.org Subject: RE: [users@httpd] Rewrite Conditions & Rules Doesn't it fit your needs? RewriteCond %{REQUEST_URI} !^/$ RewriteCond %{REQUEST_URI} !^/home RewriteCond %{REQUEST_URI} !^/insurance-tips RewriteCond %{REQUEST_URI} !^/add-a-tip RewriteCond %{HTTPS} off RewriteRule / https://www.website.com%{REQUEST_URI} [R,L] RewriteCond %{REQUEST_URI} ^/$ RewriteCond %{REQUEST_URI} ^/home RewriteCond %{REQUEST_URI} ^/insurance-tips RewriteCond %{REQUEST_URI} ^/add-a-tip RewriteCond %{HTTPS} on RewriteRule / http://www.website.com%{REQUEST_URI} [R,L] -----Original Message----- From: Ian Stradling <i...@impalanetworks.com> Reply-to: "users@httpd.apache.org" <users@httpd.apache.org> To: users@httpd.apache.org <users@httpd.apache.org> Subject: RE: [users@httpd] Rewrite Conditions & Rules Date: Thu, 3 Mar 2011 16:05:54 +0000 Has anyone ever used mod_rewrite to try and force SSL on certain portions of a website? I feel like I'm running around in circles trying to figure it out. As a point of reiteration, I'm using the following code: RewriteCond %{REQUEST_URI} !^/ RewriteCond %{REQUEST_URI} !^/home RewriteCond %{REQUEST_URI} !^/insurance-tips RewriteCond %{REQUEST_URI} !^/add-a-tip RewriteCond %{HTTPS} !=on RewriteRule .* https://www.website.com/$1 [R,L] I've tried implementing a couple of these but it never really does what I think it's supposed to do. If someone could please point me in the right direction, I'd appreciate it. Thanks! -----Original Message----- From: Ian Stradling [mailto:i...@impalanetworks.com] Sent: Monday, February 28, 2011 12:40 PM To: users@httpd.apache.org Subject: [users@httpd] re: Rewrite Conditions & Rules Hi Folks, I'm new to the manual side of web administration, and am using Apache2 in a Debian Linux distribution. I was asked by my boss to set up a situation where we force SSL on certain portions of a website, and turn it off when the viewer goes to another page on the site. I have decided to use mod_rewrite to do so. I've read through and have come up with the below code. This set of code is on the base port 80 site. I have created this code with the intent to rewrite the URL to SSL if the page is not the string. RewriteCond %{REQUEST_URI} !^/ RewriteCond %{REQUEST_URI} !^/home RewriteCond %{REQUEST_URI} !^/insurance-tips RewriteCond %{REQUEST_URI} !^/add-a-tip RewriteCond %{HTTPS} !=on RewriteRule .* https://www.website.com/$1 [R,L] This set of code, I have written on the 443 SSL site. RewriteCond %{REQUEST_URI} ^/home RewriteCond %{REQUEST_URI} ^/insurance-tips RewriteCond %{REQUEST_URI} ^/add-a-tip RewriteCond %{HTTPS} =on RewriteRule ^/(.*) http://www.website.com/$1 [R,L] When you first go to the site, it behaves as I want it to and leaves everything as HTTP. But when you go back to the home page, it is supposed to remove the HTTPS, but it does not. I'm hoping that someone can critique my code here and tell me where I've gone wrong. I appreciate any feedback. Thanks! Ian Stradling --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org