Reputation: 4491
Force Subdomain to secure.domain.com rather than domain.com/secure
I have an SSL cert on a subdomain we have (secure), however if someone attempts to access the folder using this method:
http://www.domain.com/secure
or https://www.domain.com/secure
It shows the SSL error "ssl_error_bad_cert_domain" which is correct, so what I wanted to do was prevent anyone accessing the secure folder directly, instead forcing them to:
https://secure.domain.com
Which then ensures the SSL cert works correctly.
I am assuming this can be done using the .htaccess file in the subdomain folder (which already forces it to use https), but I'm just not sure how to accomplish it.
Many thanks.
Update 1
Including current subdomains .htaccess
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Upvotes: 1
Views: 420
Answers (1)
Reputation: 7517
You won't be able to redirect from https://www.domain.com/secure/, because it will attempt to validate the certificate before it attempts any redirect. You'd need a valid certificate covering "www.domain.com" for that to work.
To cover http://www.domain.com/secure, you can use the following.
Redirect 301 /secure/ https://secure.domain.com/
Upvotes: 1
Related Questions
- Force SSL HTTPS for subdomain with .htaccess
- Set SSL on subdomain with htaccess - main domain is working on ssl
- .htaccess Redirect to HTTPS except subdomain
- Disable rewrite to https for subdomains
- Force HTTPS Through HTACCESS With Subdomain Exception
- Forcing HTTPS for Main Domain, Not Sub-Domain
- Redirect subdomain request to subdirectory + https (using .htaccess)
- Redirect Subdomain Using htaccess and Keep URL
- htaccess mod_rewrite: Force using https, but not on subdomains
- .htaccess Redirect Specific Subdomain from HTTPS back to HTTP