问题
I am trying to catch any https traffic to the front of my site so:
https://www.domain.com
is redirected to:
http://www.domain.com
However other subdomains need to be redirected elsewhere. For the most part this is all working, apart from the https -> http redirection. Here's my .htaccess file at the moment:
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}
RewriteCond %{HTTP_HOST} ^domain\.com [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]
RewriteCond "%{HTTP_HOST}" !^www.* [NC]
RewriteCond "%{HTTP_HOST}" ^([^\.]+).*$
RewriteRule ^(.*)$ https://secure.domain.com/a/login/%1 [L,R=301]
It would seem that this bit:
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}
isn't working as I would imagine. In fact it doesn't seem to redirect at all.
In another subdirectory I have the opposite in effect which works fine:
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
so my thinking is the opposite should have done the job, but seemingly not.
Any thoughts anyone?
EDIT
I'm thinking that this could have something to do with the fact that on the server there is an ssl cert which the ISP uses to provide a generic https address to your site. For example if you have a site at:
http://www.yourdomain.com
You can access the same content/hosting account over https by using:
https://server100.securedomain.com/yourdomain.com
Could it be that because when I type in https into the browser I'm being served the generic cert and because it doesn't match the domain name I've entered I'm getting a security warning about an untrusted cert which is stopping the redirection?
EDIT 2
Looking at the server headers I think I am correct with my above assumption. The server is returning:
The host name in the certificate is invalid or does not match
Would this stop the redirection?
回答1:
Just realised that I never closed this off, so for the benefit of anyone else trying to solve this I will now.
In short, the catch all https -> http redirection that I was trying to achieve won't work because the server is serving up the cert first which is then generating the security warning. This happens before the redirect for obvious security reasons, hence the redirect not working a I wanted.
Hope that helps somebody else.
回答2:
If "it doesn't seem to redirect at all" my guess is that
RewriteCond %{HTTPS} on
fails for some reason. I saw this in an example:
RewriteCond %{SERVER_PORT} ^443$ [OR]
RewriteCond %{HTTPS} =on
Maybe you need both?
回答3:
I know this an old thread but i just found the answer and it may help someone in the future:
be sure that the virtual hosts file for the ssl server has:
AllowOverride All
this is likely in your default server virtual host file which is why you can do from http
来源:https://stackoverflow.com/questions/2980324/htaccess-redirect-https-to-http-not-working