Jump to content

Redirecting to HTTPS via .htaccess for a dynamic sub-page-branch


Recommended Posts

Dear All,

I'm familiar with the ProcessWire handy dandy function of checking "HTTPS only" in a template to force

pages with that template to use SSL.

My testing showed, however, that pages *under* the SSL page, that use other templates, don't inherit that

behavior. I have a lot of templates, for a very large web app, so I don't want to have to check off that box in all of them.

I could, of course, but I'm wondering if an .htaccess method would be easier.

I've created a "/members/" page and want all sub-pages to redirect to SSL.

I've used the code below, in an .htaccess file, but I've not used it when the page url

is not a physical directory, but is instead a dynamic url.

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
 

I also don't know how the above two lines will interact with all the other PW directives

in the .htaccess file.

Tips would be appreciated.

Thanks,

Peter

Link to comment
Share on other sites

Dear Antti,

That's an interesting idea. I've not used the autoload module yet.

With the default install of PW, could you tell me exactly where you would insert that code,

and in which file?

The other option is to find a way to do that in .htaccess. Your method above might be less complicated.

Thanks!

Peter

Link to comment
Share on other sites

Dear Antti,

That's an interesting idea. I've not used the autoload module yet.

With the default install of PW, could you tell me exactly where you would insert that code,

and in which file?

Peter,

What Antti means is that you can create a Module that Autoloads (i.e. loaded automatically with PW). There is no "the" module called Autoload :)...If you already know this, my apologies :)

http://processwire.com/api/modules/

http://wiki.processwire.com/index.php/Module_Creation

Edited by kongondo
Link to comment
Share on other sites

Dear Kongondo,

Ah yes, maybe I remember reading that. It was lurking in a dusty corner of my brain.

Hmmm.... I'll have to study that more now. Thanks!

If there's an .htaccess rule that would do the same thing, I wouldn't mind some .htaccess wizard letting me know.

Mod_rewrite is something of a black art.

Peter

Link to comment
Share on other sites

Dear Antti,

I did the above, and added your code to _init.php:

if ( $page->rootParent->url == "/members/" )
      {
      $page->template->https = 1;
      }

 

It didn't work, so I looked at the $template var page on this site,

http://processwire.com/api/variables/templates/

and saw this:

      $template->protocol = 1;

but that didn't work either.

I also tried this, to no avail:

      $page->$template->protocol = 1;
 

Perhaps my syntax is wrong?

Peter

Link to comment
Share on other sites

Well, if that template protocol/https setting doesn't work when changed runtime, you can always do the redirect too.

Something like this:

<?php

if ( ! $config->https) {
  $httpsUrl = str_replace("http", "https", $page->httpUrl);
  $session->redirect($httpsUrl);
}
Link to comment
Share on other sites

Dear Antti,

I tried your suggestion, and it worked. So, I settled on this code:

if ( $page->rootParent->url == "/members/" && ! $config->https )
      {
      $httpsUrl = str_replace("http", "https", $page->httpUrl);
      $session->redirect($httpsUrl);
      }
elseif ( $page->rootParent->url != "/members/" && $config->https )
      {
      $httpUrl = str_replace("https", "http", $page->httpUrl);
      $session->redirect($httpUrl);
      }
else
      {
      # do nothing
      }

 

It seems to do exactly what .htaccess mod_rewrite would do, if I'm not mistaken.

And because, after the first redirect, the SSL status is active, there aren't redirects on every page load,

since the links are relative.

It would be academically interesting to see how this would be done in .htaccess,

but for now... problem solved!

Thank you once again! Brilliant, brilliant.

Peter

  • Like 1
Link to comment
Share on other sites

Now that I think of it, it's clear why the first approach didn't worked: pw is already in outputting content when we changed the template protocol - it is too late for PW to do the redirect. With right hook and autoload module that approach might work.

.htaccess is probably very simple in this case and little bit faster than this approach.

Link to comment
Share on other sites

I'm not sure why you're asking because obviously you already got the solution answered yourself.

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

just before the

# RewriteCond %{HTTP_HOST} !^www\. [NC]
# RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
 
Or doesn't it work?
 
Just remember to keep the htaccess updated in case PW changes it.
Link to comment
Share on other sites

Dear Soma,

That works well, but it converts all pages to https. I just want the /members/ branch converted.

If /members/ was a physical subdir, the code above would work in an .htaccess file in that subdir.

I find mod_rewrite sort of brain-twisting, which is why I asked. I also wasn't sure how it would interact with

PW's rules.

Perhaps this segment has to be modified?

RewriteRule ^(.*)$

to

RewriteRule ^/members/(.*)$

?

Yours,

Peter

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...