Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
#1 2019-06-21 10:09:09
- raminrahimi
- Member
- From: India
- Registered: 2013-03-19
- Posts: 276
how to redirect all (GET & POST) http to https dynamically ?
Anyone please help me that, I want to change all requests which are (GET & POST) from HTTP to HTTPS to secure site and textpattern dynamically.
For example if the request is coming:
GET: http://site.com/about ——> https://site.com/about
POST: http://rokyan.com/textpattern/index.php?event=form ——> https://rokyan.com/textpattern/index.php?event=form
GET/POST: http://site.com/index.php?q=services ——> https://site.com/index.php?q=services
GET: http://site.com/?id=28 ——> https://site.com/?id=28
etc…
Offline
Re: how to redirect all (GET & POST) http to https dynamically ?
In your htaccess you could try
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]or
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: how to redirect all (GET & POST) http to https dynamically ?
For regular GET requests, you can use normal htaccess rewrites but for POST requests, you need to use a 307 redirect. The 307 means resend the entire page including POST vars. It’s probably best to do that sparingly only when you actually need it, so …
Combining the example of this article with a general http to https redirect from the html5boilerplate should give you something like this:
RewriteEngine on
# http to https for individual specified POST request page only
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} string_to_match_in_url
RewriteCond %{REQUEST_METHOD} POST
RewriteRule ^ https://%{HTTP_HOST} [R=307,L]
# http to https for all other requests
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L](replacing string_to_match_in_url with your url matches for your pages with POST requests).
To save server load, both those methods should only act on links that come as http.
The first will only act on a specific named url with a POST request and then skip the second directive.
If incoming links are already using https, neither directive will be processed.
Note: If you need to allow http, e.g. for Let’s Encrypt, see the linked HTML5boilerplate example for permitted http urls.
TXP Builders – finely-crafted code, design and txp
Offline