0

I hope asking a new question is the right approach to follow-up to an existing question(?) - please bear with me if not, I'm pretty much new to stackoverflow. That said, I'm referring to hide html extension + redirect .html version + special case exception

The htaccess provided by user Jon Lin works perfectly fine so far, but now I'm struggling with a related problem (I think it's related to the htaccess) and that is to use a shared ssl certificate for just one specific page on our site, let's call it baz.html

Due to the existing/cited htaccess, hxxp://mydomain.com/baz.html resolves to hxxp://mydomain.com/baz, which is fine. But, trying to use a shared ssl at hxxps://shared.host.com/~user/baz(.html) leads to a 404 not found error. I'm pretty sure (I assume so) that this is due to the used htaccess as the shared ssl tutorial provided by our host is pretty much unmistakeable.

Also, the document root (foo.html) shows up (as the only not-404) when accessing it with shared ssl but the CSS(+images), although relatively linked within the html code, isn't processed. I assume(?) this is related.

Basically, what I'd like to achieve is linking hxxps://shared.host.com/~user/baz instead of hxxp://mydomain.com/baz within our main site navigation to achieve a secured page (same as I do now for foo(.html), bar(.html), just for unsecured content)

I hope that my actual problem is perfectly understandable(?). I do not want to link our actual project page to not do self-advertising of some sort. If access to the actual page is needed to answer the question I'll certainly provide a link (if explicitly asked for)

Thanks in advance.

Community
  • 1
  • 1
Thomas Kuhn
  • 15
  • 4
  • Are you saying that you want requests for `http://domain.com/baz` and `http://domain.com/baz.html` to get redirected to `https://shared.host.com/~user/baz` instead? – Jon Lin Oct 22 '12 at 05:51
  • Not necessarily. Our main navbar links to /foo, /bar, /whatever. I would like to link to /baz(.html) like hxxps://shared.host.com/~user/baz instead of just /baz. Thinking about, a redirect from /baz(.html) to the secured version would also do (or would actually even be better considering that navigating back from the secured page /baz(.html) to the relatively linked unsecured pages would introduce new problems). The problem just is that accessing every page, whether it is bar(.html) or whatever(.html) but foo(.html) over secured url (shared ssl) currently leads to 404 not found. Understood? – Thomas Kuhn Oct 22 '12 at 06:10
  • Sorry, short answer: Yes! That would be perfectly OK. Problem is that accessing the page /baz(.html) through shared ssl atm leads to 404 not found with the original htaccess in place. – Thomas Kuhn Oct 22 '12 at 06:15

1 Answers1

0

You can't use the same htaccess file in your shared SSL host because the base is different (/~user/ instead of just /), and that will change how all the rules inherently work. So for those same rules, you need to account for the different base. If you put these rules in the htaccess file in the /~user/ directory, they'd need to look like this:

EDIT: since they're the same document root, you need to duplicate all the rules, one for SSL, one not:

RewriteEngine On

# 1. hiding the .html extensions
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} ^/(.*?)/?$
RewriteCond %{DOCUMENT_ROOT}/~user/%1.html -f
RewriteRule ^ /~user/%1.html [L]

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/(.*?)/?$
RewriteCond %{DOCUMENT_ROOT}/%1.html -f
RewriteRule ^ /%1.html [L]


# 2. 301 redirecting .html version
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /~user/([^\ ]+)\.html
RewriteCond %1 !foo$
RewriteRule ^ /~user/%1 [L,R=301]

RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^\ ]+)\.html
RewriteCond %1 !foo$
RewriteRule ^ /%1 [L,R=301]


# 3. typing /foo.html to resolve to / as well as typing /foo to resolve to / 
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} ^/~user/(.*?/?)foo(\.html)?$
RewriteRule ^ /~user/%1 [L,R=301]

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/(.*?/?)foo(\.html)?$
RewriteRule ^ /%1 [L,R=301]

Now for the /baz and /baz.html to redirect to SSL, you'd need to add this before any of the rules (right under RewriteEngine On) in your domain.com document root (the non-SSL one):

EDIT: since the document root is the same, you need to add the condition to check whether it's SSL or not

RewriteCond %{HTTPS} off
RewriteRule ^/?baz(\.html)?/?$ http://shared.host.com/~user/baz [L,R=301]
Jon Lin
  • 142,182
  • 29
  • 220
  • 220
  • I guess there is some misconception involved here. Either that or a massive confusion from my side. I think I'm understanding what you propose, but the actual document root is the very same for both /(unsecured) and /~user(secured w/ shared ssl), i.e. I cannot upload a distinct htaccess as it'd need to be at the very same actual directory. Please let me know if access to the actual site would be needed for you to try it yourself and see what I'm talking about (I haven't found an opportunity to PM). Thanks for your time involved. – Thomas Kuhn Oct 22 '12 at 06:36
  • @ThomasKuhn See my edits. If they're the same document root (which is really quite a mess), then you need to do an SSL check *for every rule* – Jon Lin Oct 22 '12 at 06:45
  • This is really quite a mess (seems to be quite standard at hosters though). I guess I need to experiment with this in a staging environment before messing with the production server. That said, while (I think) I get what you're saying, I'm confused by the /~user/ references in the now revised htaccess. Isn't that a mistake considering that I have ONE document root that is accessible via hxxp://yourdomain.com/ and hxxps://shared.host.com/~user/ respectively? I mean, wouldn't be / the right reference to the document root for both the unsecured and the SSL case? – Thomas Kuhn Oct 22 '12 at 07:04
  • @ThomasKuhn It's different because the URI is different. For non-SSL, the requested URI is `/baz`, but for SSL, the requested URI is `/~user/baz`. You can't match agaist a request that is different like that using thes same rules. – Jon Lin Oct 22 '12 at 07:08
  • OK, this is understood. One last question before messing with the staging environment: If I understand all your code/suggestions correct, wouldn't I need additional %{HTTPS} on conditions that redirect requests to /foo, /bar, /whatever (except /baz) to the non-SSL version of these pages. Otherwise (I guess) I would be in SSL env forever once I navigated to /baz considering that I have relative links to all pages in navbar. Is this assumption correct? – Thomas Kuhn Oct 22 '12 at 07:30
  • @ThomasKuhn Not sure what you're asking. The above has a condition to check against the `%{HTTPS}` variable for every rule. – Jon Lin Oct 22 '12 at 08:03
  • Sure, but that's not what I'm asking. I'm wondering about the following: Consider that I'm at e.g. /bar (non-SSL) and request /baz, I'd be redirected to SSL /~user/baz. But now, I guess, if I'm (then) at /~user/baz (SSL) and request /bar from there, I wouldn't be served the non-SSL version /bar but the SSL version /~user/bar and thus I ask if I need to define conditions for every single page (except /baz) to be redirected to the non-SSL when requested from /baz, i.e. /~user/baz (SSL). At least that is what common-sense-logic tells me ... – Thomas Kuhn Oct 22 '12 at 08:28
  • ... Otherwise, I guess, I would never exit SSL again once I entered /baz, i.e. /~user/baz from whatever other page /foo, /bar, /whatever and would get served SSL versions of all pages strictly afterwards. – Thomas Kuhn Oct 22 '12 at 08:29
  • @ThomasKuhn if all of your links are relative, you could simply try adding `` to the header of all your pages. That way every link goes to the non-SSL first, even `/baz`, but `/baz` will automatically redirect to the SSL version. – Jon Lin Oct 22 '12 at 08:40
  • OK, thanks for your answer. I'll try all this and get back once I have a definite result. – Thomas Kuhn Oct 22 '12 at 08:44