0

For some reasons i am trying to Redirect all traffic coming to port 443 to port 80 i.e from https to http and kindly this is not duplicate because i searched a lot but did not found any working solution. I created the following .htaccess file in root folder

RewriteEngine On 
RewriteCond %{SERVER_PORT} 443 
RewriteRule ^(.*)$ http://www.localhost.com/$1 [R,L]

this is not working but my .htaccess file is being read correctly i confirmed it by running following tests

  1. I put random garbage character and Server shows error 500
  2. The reverse of above code is working i.e Properly redirecting from http to https

If any one has experienced this before then kindly guide me to the solution

Best Regards!

Zain Ul Abidin
  • 101
  • 2
  • 3
    Welcome to Server Fault! A 500 error is the webservers way of saying "I have a major problem, but I don't want to talk about it in public". Look at the error log of the server, there will be a clear message saying what's wrong. – Gerald Schneider Feb 20 '19 at 08:28
  • yes but that means .htaccess file is being read and not being ignored why the reverse is working ? and yes i am currently analyzing logs – Zain Ul Abidin Feb 20 '19 at 08:31
  • Well, what does your log file show? What is the actual error message you get? You're not providing much information to go on. – Gerald Schneider Feb 20 '19 at 08:37
  • 1
    logs did not show any error but server shows certificate error when we access https version instead of redirecting it shows invalid certificate – Zain Ul Abidin Feb 20 '19 at 08:39
  • logs contain following error "[ssl:warn] [pid 3700:tid 396] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name" – Zain Ul Abidin Feb 20 '19 at 08:41
  • If your problem is an invalid certificate you are not going to solve this with a redirect. – Gerald Schneider Feb 20 '19 at 08:42
  • lolz but why? i think its the quickest solution to implement – Zain Ul Abidin Feb 20 '19 at 08:43
  • Because people will still need to connect first to https (and experience the invalid certificate error) before the redirect gets applied. – HBruijn Feb 20 '19 at 08:44
  • 2
    The SSL handshake happens BEFORE the browser receives the redirect. This is just how it works, you can't change it. You need a valid certificate, even if you redirect to http afterwards. – Gerald Schneider Feb 20 '19 at 08:45
  • Thank you sir that helped me a lot now i understand why its not redirecting the certificate portion is mandatory to solve – Zain Ul Abidin Feb 20 '19 at 08:47
  • 1
    When you previously offered your site on https and redirected to https from http please note that a permament redirect (HTTP 301) gets cached by your browser as will any [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) policies. Then even though server settings are different now your browser may simply be refusing to connect to http and port 80 and will active change the URL entered in the address bar to https. A new server configuration should be tested from a new incognito/anonymous browser session to prevent that – HBruijn Feb 20 '19 at 08:49
  • Rather confusingly you stated, "The reverse of above code is working i.e Properly redirecting from http to https" - that also won't work "properly" if you don't have a valid SSL cert. (?) – MrWhite Feb 20 '19 at 10:41

0 Answers0