Group: http://groups.google.com/group/sitedesign/topics
- http:// to https:// Redirection [13 Updates]
- Good Morning! [1 Update]
- New Regulations for Email Security in Healthcare [1 Update]
- Artist <SitePro@gmail.com> Sep 23 11:25AM -0700
OK, here's My problem:
I have an email contact web form on My site at *HD Web Hosting*. I have
secured it with an SSL Certificate (the techs set that and My required
dedicated IP address) up for Me and I have set all the site links to use
the https:// address for the secure form so that all traffic arriving at
the site should be directed to the secure form.
Today is the deadline for securing email for health care industry
professionals, by the way.
And the form is secured, UNLESS someone types the http:// address in
directly, deliberately deletes the s in https and hits return, or arrives
from an off-site link that uses the old http address.
So, I was thinking that I should redirect traffic sent to the http://
address to the https:// address and attempted to do so through the
.htaccess file (Apache server). However, .htaccess does not actually
support this.
So I am wondering how I can cover this using another redirect method?
-Thanks in advance for your help!... Doug
- "Michael J. Fuhrman" <mfuhrman@enetarch.net> Sep 23 11:39AM -0700
You can use JavaScript, or you can use the HTML header block to
redirect, or you could write a PHP script that simply redirects the web
browser to the correct page.
Suggestion #1 - use javascript to redirect users
<script>
windown.location = "https://samesite.com/newpage.php"
</script>
Suggestion #2 - use HTML header block to redirect users
<HTML>
<HEAD>
<!-- Send users to the new location. -->
<TITLE>redirect</TITLE>
<META HTTP-EQUIV="refresh"
CONTENT="10;URL=http://www.netmechanic.com">
</HEAD>
<BODY>
This page has moved. You will be
automatically redirected
to its new location in 10 seconds.
If you aren't forwarded
to the new page,
<a href="http://www.netmechanic.com">
click here</a>.
</BODY>
</HTML>
Suggestion #3 - use PHP header function to redirect users
<?
header ("https://samesite.com/newpage.php");
?>
On 9/23/2013 11:25 AM, Artist wrote:
- Artist <sitepro@gmail.com> Sep 23 01:59PM -0500
I don't think you understand, I am trying to redirect the same page address
from http to https
http://www.foosite.com/contact.html to https://www.foosite.com/contact.html
Either address is the same, it is the way it is served that is not
(securely as an encrypted page, or not).
I think there is a way, but I think it requires I use php on a static site.
Bummer.
Doug Peters
(605) 331-0808
http://www.Doug-Peters.com
https://www.facebook.com/symbioticdesign
http://twitter.com/Domainating<http://www.twitter.com/Domainating>
https://www.facebook.com/groups/wdadg/ http://www.wdadg.org/
http://www.W3DN.com http://www.DomainHostmaster.com
http://www.HDWebHosting.com
http://www.PremiumBrand.Name <http://www.premiumbrand.name/>
http://www.font-journal.com <http://www.fontjournal.com>
http://www.GlossaryIndex.com
http://www.faviconvert.com
<http://www.SymbioticDesign.com>
On Mon, Sep 23, 2013 at 1:39 PM, Michael J. Fuhrman
- "Michael J. Fuhrman" <mfuhrman@enetarch.net> Sep 23 12:12PM -0700
Doug,
So let me understand this correctly. The Web Server is pointing ...
http://www.footsie.com and
https://www.footsie.com
to the same drive path
c:\www\footsie.com
well then, I would suggest this ...
Using PHP, determine if the calling URL is http or https. If it's http,
then use the PHP header function to redirect the web browser to https.
So your PHP page, "footmassage.php" would look like this:
<?
if(! isset($_SERVER['HTTPS'] ) ) header
("https://www.footsie.com/footmassage.php");
...
?>
On 9/23/2013 11:59 AM, Artist wrote:
- Binaek Sarkar <binaek89@gmail.com> Sep 24 02:01AM +0530
Doug,
A quick Google search shows that you can do it in htaccess.
Try this link:
http://serverfault.com/questions/116206/how-do-i-use-htaccess-to-always-redirect-from-http-to-https
I haven't tried it myself, but from the looks of it, it should work.
@Michael: I think Doug wants to apply the same redirection to all resources
under that domain. If that is so, a JavaScript or even a PHP solution of
redirection becomes redundant. You would have to repeat the code
everywhere. Even if you make it into a separate file, that would still
imply that you have to include it everywhere.
Regards
Binaek Sarkar
- "Michael J. Fuhrman" <mfuhrman@enetarch.net> Sep 23 02:07PM -0700
Binaek,
Ah, that would make sense, vs just doing it for one file. Though,
personally, I would not have a http or https point to the same directory
structure. Especially, if there is a need to insure that the
information is encrypted when transmitted.
Mike,
On 9/23/2013 1:31 PM, Binaek Sarkar wrote:
- Artist <sitepro@gmail.com> Sep 23 07:03PM -0500
Actually, no. I did do a Google Search, I came up with a redirect in the
.httaccess file...
The first version was an infinite loop...
Redirect 301 /contact.shtml https://www.womanspsych.com/contact.shtml
So I changed it...
Redirect 301 http://womanspsych.com/contact.shtml
https://www.womanspsych.com/contact.shtml
Redirect 301 http://www.womanspsych.com/contact.shtml
https://www.womanspsych.com/contact.shtml
This does not work at all.
I only want to redirect the one contact form, nothing else needs to be
secure and I don't want it to be because small search engines and
directories and such stay away from https (even though Google doesn't mind
https if configured, Google doesn't matter here, believe it or not, they
don't matter to most small business unless they have an android phone or
prefer its search, etc...)
So, I only want to redirect http://example.com/contact.shtml and
http://www.example.com/contact.shtml to
https://www.example.com/contact.shtml
I will definitely check out the link you left...
OK...
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} (contact.shtml)
RewriteRule (.*) https://womanspsych.com/contact.shtml
...might work.
OK, cool. I'll go check that out. Thanks!
Doug Peters
(605) 331-0808
http://www.Doug-Peters.com
https://www.facebook.com/symbioticdesign
http://twitter.com/Domainating<http://www.twitter.com/Domainating>
https://www.facebook.com/groups/wdadg/ http://www.wdadg.org/
http://www.W3DN.com http://www.DomainHostmaster.com
http://www.HDWebHosting.com
http://www.PremiumBrand.Name <http://www.premiumbrand.name/>
http://www.font-journal.com <http://www.fontjournal.com>
http://www.GlossaryIndex.com
http://www.faviconvert.com
<http://www.SymbioticDesign.com>
- Artist <sitepro@gmail.com> Sep 23 07:11PM -0500
Nope.
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} (contact.shtml)
RewriteRule (.*) https://www.womanspsych.com/contact.shtml
Doesn't work.
I'll ask on that site, though.
Thanks for bringing it to My attention.
-Doug
Doug Peters
(605) 331-0808
http://www.Doug-Peters.com
https://www.facebook.com/symbioticdesign
http://twitter.com/Domainating<http://www.twitter.com/Domainating>
https://www.facebook.com/groups/wdadg/ http://www.wdadg.org/
http://www.W3DN.com http://www.DomainHostmaster.com
http://www.HDWebHosting.com
http://www.PremiumBrand.Name <http://www.premiumbrand.name/>
http://www.font-journal.com <http://www.fontjournal.com>
http://www.GlossaryIndex.com
http://www.faviconvert.com
<http://www.SymbioticDesign.com>
On Mon, Sep 23, 2013 at 4:07 PM, Michael J. Fuhrman
- Artist <sitepro@gmail.com> Sep 23 07:19PM -0500
OK... I think I am looking in the wrong place. The objective is to load
the https:// address, not rewrite the URL.
This works to rewrite the url with https://
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} (contact.*)
RewriteRule (.*) https://www.womanspsych.com%{REQUEST_URI}
BUT, the padlock has a warning/caution sign on it, so I am sure that this
is bypassing the encryption. I need to reload the https:// address.
I'll ask them there.
Doug Peters
(605) 331-0808
http://www.Doug-Peters.com
https://www.facebook.com/symbioticdesign
http://twitter.com/Domainating<http://www.twitter.com/Domainating>
https://www.facebook.com/groups/wdadg/ http://www.wdadg.org/
http://www.W3DN.com http://www.DomainHostmaster.com
http://www.HDWebHosting.com
http://www.PremiumBrand.Name <http://www.premiumbrand.name/>
http://www.font-journal.com <http://www.fontjournal.com>
http://www.GlossaryIndex.com
http://www.faviconvert.com
<http://www.SymbioticDesign.com>
- Joe Kelly <jkelly.developer@gmail.com> Sep 23 05:38PM -0700
You need Redirect not Rewrite they work differently..
Not sure if this was posted assuming you are using mod_rewrite.
http://httpd.apache.org/docs/current/rewrite/remapping.html
The reason your previous example was a loop was because there was no
condition for the redirect.
Redirect 301 /contact.shtml https://www.womanspsych.com/contact.shtml
They have an example on the page I linked along the lines of:
<If "%{SERVER_PROTOCOL} != 'HTTPS'">
Redirect /admin/ https://www.example.com/admin/</If>
Sorry if this isn't super helpful. In a rush to leave work.
- Artist <sitepro@gmail.com> Sep 23 08:17PM -0500
<If "%{SERVER_PROTOCOL} != 'HTTPS'">
Redirect /contact.shtml https://www.womanspsych.com/contact.shtml
</If>
...that produced a 500 error on every page I loaded on the site. This is
in the .htaccess file?
Jeepers, now I am lost. I didn't think .htaccess supports <IF> statements.
Must be some other config file.
Doug Peters
- Ben Hussenet <benhussenet@gmail.com> Sep 24 04:43AM +0100
if you put thisd in the contact forms php page this should work because you
only want it for the single file:
http://stackoverflow.com/questions/9243213/how-do-i-force-https-on-a-single-file-php
let me know if it doesn`t
Ben
Many Thanks
Ben Hussenet
- Ben Hussenet <benhussenet@gmail.com> Sep 24 04:46AM +0100
alternativly put the contact form in its own directory. put a htaccess in
that directory and use this
Place the following code in a .htacces file in your folder:
RewriteEngine OnRewriteCond %{SERVER_PORT} !443RewriteRule (.*)
https://www.example.com/require-secure/ [R]
Many Thanks
Ben Hussenet
- Artist <SitePro@gmail.com> Sep 23 11:37AM -0700
> What do you all run?
I have...
Sony Vaio 2.x GHz duo Core Processor Full HD 1080P laptop (they call it a
notebook, but it is too big, 19", for that).
Samsung Galaxy Note II (quad processor 5.5" mini-tablet phone).
I am setting up a couple other PCs as servers. One for the home (dual core
3 GHz) files and sharing, and another single core 2 GHz to play with Linux,
eventually.
I also have 2 tablets and they have all crapped-out on Me and are unusable.
I also returned another one, forget the brand of that one...
ASUS TF101 Transformer w/ kb
Poloroid 7" Internet Tablet
- Artist <SitePro@gmail.com> Sep 23 11:23AM -0700
Today is the deadline, by the way.
On Friday, August 9, 2013 11:56:15 PM UTC-5, Artist wrote:
--
You received this because you are subscribed to the "Web Design and Development" group at Google Groups. Messages are prefixed with [WD&D] in the subject. No spam is allowed. Be civil, be professional; try to be helpful & mind your netiquette. All posts are Copyright the original author and the Web Design and Development group. No reproduction of this content is allowed in any electronic or printed form outside the group at Google Groups and the http://www.WDaDg.org website. Any unauthorized use of our copy constitutes illegal Copyright infringement and may well be prosecuted to the full extent of the law. Digital Signature: $©"[W|D|&|D]g"|^|!SiteDesign@GG||#%$
To post to this group, email SiteDesign@googlegroups.com
To unsubscribe, email SiteDesign-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/SiteDesign?hl=en
---
You received this message because you are subscribed to the Google Groups "Web Design and Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sitedesign+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Did you know that you can generate money by locking special areas of your blog or site?
ReplyDeleteSimply open an account on AdscendMedia and run their content locking widget.