Redirecting pages inadvertently sent to https

What is the easiest way to redirect pages to http that are coming in https for a specified list of directories.

For example, the call is or and I want that to come in with the same {REQUEST_URI} as an http request? I refer to /Search as a directory for purposes of this post.

I already have

RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{HTTP_HOST} ^www\.mysite\.com$ [NC]
RewriteRule .?{REQUEST_URI} [L,R=301]

Also for consideration, I have a fairly large number of http directories but only about 8 https directories, so it would be easier to say “if it is not a directory that is supposed to be https, switch it to http”.


There was a thread on this a while ago that went into this topic pretty well. Have a look at

Does that help? :slight_smile:

Thanks for the heads up. For some reason I can never find anything when I search for it but certainly don’t want to reinvent the wheel.

I read through that and the scary part is I think I understand most of it. :slight_smile:

However in just quickly playing with it and trying to implement part of it, I had some inconsistent results.

I think the most enlightening part was when dklynn said

What I have implemented on my websites is a PHP header() function which tests the protocol (for a secure page) and redirects to https if it’s not already in use. mod_rewrite is good but embedding the code in the secure scripts is, IMHO, a better choice.

I wish I could see that header because my first inclination was to do it in PHP but thought maybe I should see if the better solution was .HTACCESS. the way my site is laid out all the index files are either fully HTTPS or HTTP so that should be a pretty straight forward implementation.

So I think I will play with the header() function and then head on over to the PHP board if I need help there.

Again, thanks for the heads up. Definitely helped.


Redirecting to https? Why, then, does your code redirect to https? Moreover, why are you requiring the www’d domain to allow the redirection?

Okay, from code, you’re trying to do two things (in your “specification”): force non-www on the domain and force NON-https on … everything? Only Search?

RewriteEngine on

# Remove www on the domains
RewriteCond %{HTTP_HOST} ^www\\.example\\.com$ [NC]
RewriteRule .?{REQUEST_URI} [L] # the R=301 is automatic with the absolute redirection

# Send Search requests to http
RewriteCond %{SERVER_PORT} ^443$
RewriteRule ^Search [QSA,L] # the QSA isn't required but will ensure you retain your query string