This may seem rather simple, but there are several web URLs that I need to reroute to an SSL URL. Can this be done with .htaccess? If so, how?
For example, say there’s web page that requires a user to login (that’s already been coded). User logs in, but the URL they are forwarded to that has the sensitive data (downloadable files), needs to be rerouted to the SSL URL.
Any suggestions?
You can code the redirect to go to the https address in your programming itself. Of course the user can then change the URL and switch to http (nobody would probably do this, but it’s possible), and in that case you can use .htaccess to redirect them back to https.
An example of how you can build such an .htaccess you can find over here http://www.datakoncepts.com/seo in the section “Enforce Secure Server”
If anything isn’t clear, feel free to ask 
Thank you, ScallioXTX:
Basically what I want to do is take specific URLs like http://websitedomainname.com/securethisdocuments.html and change it to ‘https://…’
I have several pages that I need to redirect to a ‘https://’
I reviewed the site link you sent, and I guess I didn’t see what I could use.
Do you have a suggestion?
toady,
I have examples in my signature’s tutorial (near the end) and recommend:
Use RewriteCond %{SERVER_PORT} ^443$ to check that SSL has been requested (because {HTTPS} is either ‘on’ or null). I also recommend that you send non-secure pages to http:// and not let them use the secure server but that wasn’t your question.
Use PHP scripts, not html, and check there, too, that SSL is in use.
Code like:
RewriteEngine on
RewriteCond %{REQUEST_URI} ^(secure_page1|secure_page2)\\.html$
RewriteCond %{SERVER_PORT} !^443$
RewriteRule .? https://www.example.com/%1.html [R=301,L]
… will enforce https on secure_page1.html and secure_page2.html but will not send “non-secure” pages back to http from there.
As for my PHP code:
<?php if (443 != $_SERVER['SERVER_PORT']) header('Location: https://www.example.com.com/$_SERVER['PHP_SELF']'); ?>
Regards,
DK
Something like this?
RewriteCond %{REQUEST_URI} ^(documents|client-settings)\.html$ (this would be for ‘documents.html’ and ‘client-settings.html’ pages)
RewriteCond %{SERVER_PORT} !^443$
RewriteRule .? https://www.domainname.com/%1.html [R=301,L]
So this would force pages ‘documents.html’ and ‘client-settings.html’ to be on ‘https://’ correct? I’m not sure about the {SERVER_PORT}, but I do know the client has an SSL; so would changing {SERVER_PORT} to {HTTPS} make much difference?
I’ve also noticed that it looks like I will need to do the same thing but for all files within a folder:
RewriteCond %{REQUEST_URI} component/docman
RewriteRule ^(.*)$ https://www.domainname.com/component/docman/$1 [R,L]
Would this be right?
Does the PHP script you provided be required if I’m using RewriteCond? Or what is the purpose of that?
toady,
Fine! Using {HTTPS} can be problematic because it’s either “on” or null so I prefer to use {SERVER_PORT} and look to match either 80 or 443.
The PHP script is just insurance.
Regards,
DK
Thank you, dklynn.
You’ve been a wonderful help!
toady,
Glad to be of service as I’m sure you’ve learned something (which is my goal).
Regards,
DK
I definitely did!