正确的 .htaccess 方法可以重定向一些选定页面以使用 HTTPS,将所有其他页面返回到 HTTP?
我浏览过类似的问题,但没有找到我想要的确切工作解决方案。
我们有一个 Joomla 网站,需要 2-3 个特定页面才能强制使用 https,而离开这些页面需要返回到所有其他页面的 http。所有页面“都可以”使用 http 或 https,但 https 会导致一些插件出现一些问题。
我们已经在 .htaccess 文件上设置了一些内容,但我不知道执行我想要的操作的所有语法。我们启用了 mod_rewrite,这是一个将 http:// 重定向到 http://www 的规则,以及执行 SEF url 的默认 Joomla 规则。
因此,我们的安全页面通常是:/section/category/secure-page、/othersection/othercategory/secure-page 2 等。
这是实施修复后的整个 HTACCESS(但出现错误):
##
# @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $
# @package Joomla
# @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##
#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################
## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks
#
# mod_rewrite in use
RewriteEngine On
########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits
########## Begin - SSL Redirects (https/http)
#
RewriteRule %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cultivate-la-tickets$ [OR]
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cla-tickets-thankyou$ [OR]
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cla-tickets-decline$ [OR]
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cla-tickets-error$ [OR]
RewriteCond %{REQUEST_URI} ^/how-to-help/donate/make-a-donation/$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L]
RewriteRule %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/news-events/cultivate-la/cultivate-la-tickets$
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cla-tickets-thankyou$
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cla-tickets-decline$
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cla-tickets-error$
RewriteCond %{REQUEST_URI} ^/how-to-help/donate/make-a-donation/$
RewriteRule (.*) http://%{HTTP_HOST}/$1 [L]
#
##########
########## Begin - Redirect http:// to http://www. AND /annual subdirectory to annual. subdomain
#
RewriteCond %{HTTP_HOST} ^domainname.org [NC]
RewriteRule ^(.*)$ http://www.domainname.org/$1 [L,R=301]
RedirectMatch 301 ^/annual/(.*)$ http://annual.domainname.org/$1
#
##########
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)
# RewriteBase /
########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section
########## Begin - 301 Redirect short URL
#
Redirect 301 /clatickets https://www.domainname.org/news-events/cultivate-la/cultivate-la-tickets
I've looked through similar questions but not found the exact working solution I'm after.
We have a Joomla site that needs 2-3 specific pages to be forced to use https, while navigating away from these pages needs to return to http for all other pages. All pages 'can' come up with either http or https, but https causes some issues with a few plugins.
We have already setup a few things on the .htaccess file, but I don't know all the syntax to do what I'm after. We have mod_rewrite on, a rule that redirects http:// to http://www., and the default Joomla rules that do the SEF urls.
So our secure pages are usually: /section/category/secure-page, /othersection/othercategory/secure-page 2, etc.
HERE'S OUR ENTIRE HTACCESS AFTER IMPLEMENTING THE FIX (BUT GETTING ERROR):
##
# @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $
# @package Joomla
# @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##
#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################
## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks
#
# mod_rewrite in use
RewriteEngine On
########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits
########## Begin - SSL Redirects (https/http)
#
RewriteRule %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cultivate-la-tickets$ [OR]
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cla-tickets-thankyou$ [OR]
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cla-tickets-decline$ [OR]
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cla-tickets-error$ [OR]
RewriteCond %{REQUEST_URI} ^/how-to-help/donate/make-a-donation/$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L]
RewriteRule %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/news-events/cultivate-la/cultivate-la-tickets$
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cla-tickets-thankyou$
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cla-tickets-decline$
RewriteCond %{REQUEST_URI} ^/news-events/cultivate-la/cla-tickets-error$
RewriteCond %{REQUEST_URI} ^/how-to-help/donate/make-a-donation/$
RewriteRule (.*) http://%{HTTP_HOST}/$1 [L]
#
##########
########## Begin - Redirect http:// to http://www. AND /annual subdirectory to annual. subdomain
#
RewriteCond %{HTTP_HOST} ^domainname.org [NC]
RewriteRule ^(.*)$ http://www.domainname.org/$1 [L,R=301]
RedirectMatch 301 ^/annual/(.*)$ http://annual.domainname.org/$1
#
##########
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)
# RewriteBase /
########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section
########## Begin - 301 Redirect short URL
#
Redirect 301 /clatickets https://www.domainname.org/news-events/cultivate-la/cultivate-la-tickets
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
注:我删除了之前的答案。这是我的新答案:
note: I deleted my previous answer. it's my new answer:
如果它对任何人有帮助,我们的开发人员找到了一个 Joomla 插件,它强制某些页面使用 HTTPS,而所有其他页面使用 HTTP。它还有一些其他方便的功能。不确定幕后到底发生了什么,但它工作得很好(而 .htaccess 方法则不然),所以我们不会抱怨。
该插件名为:Yireo SSL 重定向。
可以在这里找到:http://extensions.joomla.org/extensions /站点管理/url-重定向/11326
In case it helps anyone, our developer found a plugin for Joomla that forces certain pages to use HTTPS and all other to use HTTP. It has some other handy features as well. Not sure exactly what's going on behind the scenes, but it works great (where the .htaccess methods weren't) so we won't complain.
The plugin is called: Yireo SSL Redirection.
It can be found here: http://extensions.joomla.org/extensions/site-management/url-redirection/11326