0

I have a problem while trying to access a page via https. Iam using Codeigniter and Ion Auth

This is my config:

$config['base_url'] = "http".((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on") ? "s" : "")."://".$_SERVER['HTTP_HOST'].str_replace(basename($_SERVER['SCRIPT_NAME']),"",$_SERVER['SCRIPT_NAME']);

This is my .htaccess file

<IfModule mod_rewrite.c>
RewriteEngine on
Options +FollowSymLinks
RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} (auth|login|pages)
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301]

RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !(css|images|js|style)
RewriteRule ^(.*)$ http://%{SERVER_NAME}%{REQUEST_URI} [R=301]
</IfModule>

<IfModule !mod_rewrite.c>
ErrorDocument 404 /index.php
</IfModule>

Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects.

The webpage at https://subdomain.domain.tld/auth/login has resulted in too many redirects.

RednBlack
  • 104
  • 3
  • 18

1 Answers1

0

You are redirecting to a non-SSL page if the user visits via https which redirects back to https:

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} (auth|login|pages)
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301]

This sends the user to https (which will trigger the below Cond)

RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !(css|images|js|style)
RewriteRule ^(.*)$ http://%{SERVER_NAME}%{REQUEST_URI} [R=301]

this redirects the user back to http which will redirect it back here ad infinitum

try this for your %{HTTPS} on condition:

RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !(css|images|js|style)
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301]

(notice the https in the RewriteRule)

stormdrain
  • 7,915
  • 4
  • 37
  • 76