当前位置: 文江博客话题详情

如何使用 htaccess 仅在某些页面上启用 https?

发布于 2024-11-02 11:11:55 字数 912 浏览 1 评论 0原文

我有一个电子商务网站,我想仅在位于 https://mysite.com 的网站的电子商务部分启用 https /buy

由于我页面上的所有链接都是相对的,因此当有人访问 http://mysite.com 时并点击“购买”,他们将被带到 http://mysite.com/buy

另外,如果他们访问 https://mysite.com/buy 并点击另一个页面的链接,它们将被带到 https://mysite.com

我只希望在该部分使用 https 的原因是因为我有无法通过 https 发送的外部元素(即 Google 地图、Youtube、Twitter 等)。

有没有办法使用 htaccess 使 /buy 目录强制使用 https,但每个其他页面强制使用 http?

编辑: 如果有人感兴趣,我可以使用 PHP 解决这个问题。我仍然更喜欢 htaccess 解决方案,但这现在可以使用:

if($_SERVER['HTTPS'] == "on") {
    if(strpos($_SERVER['REQUEST_URI'],"buy") === false) {
        Header("Location: http://$_SERVER['HTTP_HOST']."".$_SERVER['REQUEST_URI']");
    }
}
原文

I have an ecommerce site, and I want to enable https only on the ecommerce section of the site located at https://mysite.com/buy

Since all of the links on my pages are relative, when someone visits http://mysite.com and clicks on Buy, they are taken to http://mysite.com/buy

Also, if they visit https://mysite.com/buy and click on a link to another page, they are taken to https://mysite.com.

The reason I want https only on that one section is because I have external elements (i.e. Google Maps, Youtube, Twitter, etc) that cannot be sent over https.

Is there a way with htaccess that I can make the /buy directory force https, but every other page force http?

Edit:
In case anyone is interested, I was able to solve this using PHP. I would still prefer an htaccess solution, but this will work for now:

if($_SERVER['HTTPS'] == "on") {
    if(strpos($_SERVER['REQUEST_URI'],"buy") === false) {
        Header("Location: http://$_SERVER['HTTP_HOST']."".$_SERVER['REQUEST_URI']");
    }
}

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

唯憾梦倾城 2024-11-09 11:11:55

在您的 .htaccess 文件中尝试此操作:

Options +FollowSymLinks
RewriteEngine on

# redirect for http /buy page
RewriteCond %{SERVER_PORT} =80
RewriteRule ^buy/?$ https://mysite.com/buy [R=301,QSA,L,NE]

# redirect for https non /buy pages
RewriteCond %{SERVER_PORT} =443
RewriteCond %{REQUEST_URI} !^/buy [NC]
RewriteRule ^/?(.*)$ http://mysite.com/$1 [R=301,QSA,L,NE]

R=301 将使用 https 状态 301 进行重定向
L 将制定最后一条规则
NE 用于无转义查询字符串
QSA 将附加您现有的查询参数
NC 用于忽略大小写比较

$1 是您的 REQUEST_URI

Try this in your .htaccess file:

Options +FollowSymLinks
RewriteEngine on

# redirect for http /buy page
RewriteCond %{SERVER_PORT} =80
RewriteRule ^buy/?$ https://mysite.com/buy [R=301,QSA,L,NE]

# redirect for https non /buy pages
RewriteCond %{SERVER_PORT} =443
RewriteCond %{REQUEST_URI} !^/buy [NC]
RewriteRule ^/?(.*)$ http://mysite.com/$1 [R=301,QSA,L,NE]

R=301 will redirect with https status 301
L will make last rule
NE is for no escaping query string
QSA will append your existing query parameters
NC is for ignore case comparison

$1 is your REQUEST_URI

回复 原文
分开我的手 2024-11-09 11:11:55

我没有实践经验,但从我看来,htaccess 配置文件应该只影响存储该文件的文件夹中的文件。

因此,您应该能够执行以下操作:

http://www.besthost ratings。 com/articles/force-ssl-htaccess.html

并将其放入您网站的 /buy 文件夹中。

I don't have hands on experience, but from what I see, it looks like the htaccess configuration file should impact only the files in the folder in which the file is stored.

So you should be able to do something like this:

http://www.besthostratings.com/articles/force-ssl-htaccess.html

And put it in the /buy folder of your site.

回复 原文
眼眸印温柔 2024-11-09 11:11:55

如果您的网页托管在 9001 端口上,只需启用 Linux 机器上的任何端口并在 /etc/httpd/conf.d/ssl.conf 中进行这些更改。然后将侦听端口设置为 9002 并创建 SSL 证书和密钥,并将以下配置放入您的 httpd.conf 文件中

Listen 9001
<VirtualHost *:9001>
ServerAdmin root@localhost
DocumentRoot /mnt/work/httpd
<Directory "/mnt/work/httpd">
Options FollowSymLinks
 AllowOverride AuthConfig
</Directory>
  SSLEngine On
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateKeyFile /etc/httpd/www.test.example.com.key
SSLCertificateFile /etc/httpd/www.test.example.com.crt
RewriteCond %{HTTPS} off
RewriteRule (.*) https://www.test.example.com:9002%{REQUEST_URI}

,您的 .htaccess 文件应如下所示

AuthType Digest
AuthName "Protected"
AuthDigestProvider file
AuthGroupFile /dev/null
AuthUserFile /mnt/work/httpd/digest_auth
Require user username**

If your web page is hosted on 9001 port just enable any port on your linux box and make these changes in /etc/httpd/conf.d/ssl.conf.Then set your Listen Port to 9002 and create SSL certificate and key and put following configuration in your httpd.conf file

Listen 9001
<VirtualHost *:9001>
ServerAdmin root@localhost
DocumentRoot /mnt/work/httpd
<Directory "/mnt/work/httpd">
Options FollowSymLinks
 AllowOverride AuthConfig
</Directory>
  SSLEngine On
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateKeyFile /etc/httpd/www.test.example.com.key
SSLCertificateFile /etc/httpd/www.test.example.com.crt
RewriteCond %{HTTPS} off
RewriteRule (.*) https://www.test.example.com:9002%{REQUEST_URI}

and your .htaccess file should look like this

AuthType Digest
AuthName "Protected"
AuthDigestProvider file
AuthGroupFile /dev/null
AuthUserFile /mnt/work/httpd/digest_auth
Require user username**
回复 原文
~没有更多了~

关于作者

乙白

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

lorenzathorton8

文章 0 评论 0

Zero

文章 0 评论 0

萧瑟寒风

文章 0 评论 0

mylayout

文章 0 评论 0

tkewei

文章 0 评论 0

17818769742

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文