Reputation: 3228
https some parts of the website
It is my first time to have this https on my server, and with that I am wondering how will I do this.
I don't want my site to have the https entirely, just some parts of it. Say for example:
- https://mysite.com/register
- https://mysite.com/login
- https://mysite.com/user (and other segments after /user)
I want to have other links than that be enforce by the browser to use http only.
What is the best approach or practice here that I need to know?
Upvotes: 0
Views: 78
Answers (2)
Reputation: 658
Something like this in your .htaccess may solve your problem:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/register|/login|/user$
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/register|/login|/user$
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Upvotes: 0
Reputation: 1669
Ok, the overhead for https is not trivial, but if its really important to have SSL for some things, I suggest just making it all SSL. Otherwise the browser spits out confusing errors to neophytes about some things being secure and some not. Also, if you're not careful switching between SSL and non-SSL at the wrong moment can expose user data you might not intend.
In short, keep it uniform will keep headaches to a minimum.
I'm sure someone can weigh in on the overhead for SSL.
Upvotes: 3
Related Questions
- How do I force HTTPS on a some pages? (PHP)
- What do I have to code to use HTTPS?
- PHP page to be HTTPS
- .htaccess HTTPS and remove index.php
- HTTP to HTTPS Redirection Issue
- how to include https site using php
- Issue in redirecting web pages through HTTPS
- Specific pages as always https and some others always http
- having http links on https page but not scripts or css
- How to make a website in PHP work both in HTTP and HTTPS?