Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Pages: 1
htaccess https to http
This is a strange one:) I am trying to redirect traffic which falsely links to our site using using https to our http pages in our htaccess file.
I have tried
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
RewriteCond %{HTTP:X-Forwarded-Proto} =https
RewriteRule ^(.*)$http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} ^443$
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
RewriteEngine On
RewriteCond %{SERVER_PORT} ^443$
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]
The list goes on
Am I missing something?
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: htaccess https to http
gee you are the first i have heard WANTING http rather https!
Do have letsencrypt applied by any chance?
found this info
#Redirect HTTPS to HTTP RewriteCond %{HTTP:X-Forwarded-Proto} =https RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Last edited by bici (2020-06-30 18:30:25)
…. texted postive
Offline
Re: htaccess https to http
colak wrote #324129:
This is a strange one:) I am trying to redirect traffic which falsely links to our site using using https to our http pages in our htaccess file.
[…]
Am I missing something?
There’s a missing space in your second example – bici’s reply above should work fine.
Offline
Re: htaccess https to http
bici wrote #324130:
gee you are the first i have heard WANTING http rather https!
Do have letsencrypt applied by any chance?
I think that it was first posted here by Michael Pate.: meyerweb.com/eric/thoughts/2018/08/07/securing-sites-made-them-less-accessible/
found this info
#Redirect HTTPS to HTTP...
nope,
It still lands on https without redirecting:(
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: htaccess https to http
Is there an ordering issue? Perhaps a previous block isn’t being closed correctly.
What happens if the https -> to http block is first / top of the file?
Offline
Re: htaccess https to http
Hi Pete,
I tried all positions possible, top, bottom and middle. I am now investigating actually creating an https domain via my host which I will be forwarding to http via the panel. It appears that it might be the easiest option as it will be forwarding without any htaccess rules.
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: htaccess https to http
Forgive me if I’ve missed a thread – what’s the rationale in using http over https?
Offline
Re: htaccess https to http
Another one from html5 boilerplate in reverse:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP} !=on
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
From here (GitHub) in reverse. I’m not sure that stops people’s browsers complaining that there is no secure site when they visit.
But yeah, if there’s no real reason against using it, a LetsEncrypt SSL certificate is easy enough nowadays. You don’t have to force everyone to use https if there are still parts of your site that depend on regular http.
TXP Builders – finely-crafted code, design and txp
Offline
Re: htaccess https to http
gaekwad wrote #324153:
Forgive me if I’ve missed a thread – what’s the rationale in using http over https?
According to that excellent article by Eric Meyer it’s not serving one over the other, it’s making content available (cached) for those consumers who are not on fat fiber connections where packet loss is the exception rather than the norm.
The entry requirements for https preventing man-in-the-middle attacks are high. As he says, https is a good thing but we should be mindful that if we want out content read over slow-ass satellite links it’s up to us as providers of content to ensure it’s cached for faster access on slow connections, rather than (in the past) end users of slow connections caching it out of necessity – a process they now cannot do in the https world.
It’s interesting as it’s not caching as we traditionally see it – static copies of rarely-changing sources. From what I understand, it’s a whole API that allows secure connections to be made over a parallel channel and have content broken into cachable chunks that can be served to those who make special types of request from their browser. I might have got that wrong. I read about this when the ink was drying on the specs, and then forgot all about it.
With Textpattern being the lightweight platform it is, we’re perfectly poised (certainly compared with a lot of the competition) to power sites that are already highly accessible on low bandwidth links – public and admin sides are lightning quick. I wonder what it would take – plugin, core tweaks, whatever – to make a caching Service Worker easy to deploy and make us even more attractive to consumers away from fat network pipes.
Last edited by Bloke (2020-07-01 20:56:19)
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Txp Builders – finely-crafted code, design and Txp
Offline
Re: htaccess https to http
jakob wrote #324164:
I’m not sure that stops people’s browsers complaining that there is no secure site when they visit.
Nope:(
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: htaccess https to http
Bloke wrote #324170:
According to that excellent article by Eric Meyer it’s not serving one over the other, it’s making content available (cached) for those consumers who are not on fat fiber connections where packet loss is the exception rather than the norm.
Thanks that was a good read.
“The drive to force every site on the web to HTTPS has pushed the web further away from the next billion users—not to mention a whole lot of the previous half-billion. I saw a piece that claimed, “Investing in HTTPS makes it faster, cheaper, and easier for everyone.” If you define “everyone” as people with gigabit fiber access, sure. “
…paved with good intentions
…. texted postive
Offline
Pages: 1