htaccess的SSL和放大器;非SSL重定向 [英] .htaccess ssl & non-ssl redirects

查看:163
本文介绍了htaccess的SSL和放大器;非SSL重定向的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我尝试写一些简单的规则来重定向到https的一对夫妇的url和重定向到http他人。下面是我目前的设置,但它是导致重定向循环。谁能告诉我什么,我做错了。

 的RewriteCond%{} HTTPS关闭
的RewriteCond%{REQUEST_URI} ^ \ /(登录|注册)+ [NC]
(。*)重写规则^ $的https://%{SERVER_NAME} / $ 1 [R = 301,L]

的RewriteCond%{} HTTPS上
的RewriteCond%{REQUEST_URI} ^ \ /(登录|注册)!+ [NC]
(。*)重写规则^ $的http://%{SERVER_NAME} / $ 1 [R = 301,L]

解决方案

这首规则集重定向所有流量到HTTPS时请求未指明HTTPS,只有当他们试图达到标志-in 注册页。

 的RewriteCond%{} HTTPS关闭
的RewriteCond%{REQUEST_URI} ^ \ /(登录|注册)+ [NC]
(。*)重写规则^ $的https://%{SERVER_NAME} / $ 1 [R = 301,L]

这第二条规则被重定向所有流量到非SSL时HTTPS请求和URL不是登录注册

 的RewriteCond%{} HTTPS上
的RewriteCond%{REQUEST_URI} ^ \ /(登录|注册)!+ [NC]
(。*)重写规则^ $的http://%{SERVER_NAME} / $ 1 [R = 301,L]

这两个重定向使用301重定向这是由你的浏览器缓存,所以如果在某些时候不小心被重定向到错误的地方,这可能是用来代替你所发生的事情在这里。

当您尝试访问你在登录后页面的问题是,你马上就回来了 HTTPS 的重定向。所以,如果你不处理在登录目录中的登录请求,或者如果你重定向回了HTTPS的。

有可能有大量的重叠,其中任何东西,这不是在登录或者注册文件夹反弹之间来回HTTPS和HTTP。

I'm trying to write some simple rules to redirect to https for a couple of urls and redirect to http for others. Below is my current setup but it is causing redirect loops. Can anyone tell me what I'm doing wrong.

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^\/(sign-in|register)+ [NC]
RewriteRule ^(.*)$ https://%{SERVER_NAME}/$1 [R=301,L]

RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^\/(sign-in|register)+ [NC]
RewriteRule ^(.*)$ http://%{SERVER_NAME}/$1 [R=301,L]

解决方案

This first ruleset is redirecting all traffic to HTTPS when the requester has not indicated HTTPS, only when they're trying to reach the sign-in or register page.

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^\/(sign-in|register)+ [NC]
RewriteRule ^(.*)$ https://%{SERVER_NAME}/$1 [R=301,L]

This second rule is redirecting all traffic to non-SSL when HTTPS is requested and the URL is NOT sign-in or register.

RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^\/(sign-in|register)+ [NC]
RewriteRule ^(.*)$ http://%{SERVER_NAME}/$1 [R=301,L]

Both redirects use 301 redirects which are cached by your browser, so if at some point you accidentally redirected to the wrong place, that might be used instead of what you have happening here.

The problem is when you try to visit a page after you're logged in, you'll be redirected right back out of HTTPS. So if you're not handling the sign-in request in the sign-in directory, or if you're redirecting them back out of HTTPS.

There could be substantial overlap where anything that's not in the sign-in or register folders bounced back and forth between HTTPS and HTTP.

这篇关于htaccess的SSL和放大器;非SSL重定向的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
服务器开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆