6

Hey people. I see that this topic is repeated over and over on SO but I tried several solutions posted here and none of them worked quite for me. So basically - I know how to change specific pages on my website so that they're in https mode. However, I dunno how to rewrite the http requests that are INSIDE the code. So for example, if my page, say, payment.php, contains link that loads external ccs file like this -> http://example.com/somecss.css then google chrome will see it as dangerous link and display cross-red padlock next to site url. Now, I've tested it manually by changing all the http requests inside the code to https and the padlock magically became green so I guess I need some kind of mod rewrite rule that would rewrite all the links on those specific pages so that they would contain https. I hope I explained it well enough. Can anyone help me? I'm using codeigniter.

Pavel
  • 5,213
  • 10
  • 34
  • 47

2 Answers2

3

To rewrite the http requests inside the code you have to use protocol-relative paths there. 

<link rel="stylesheet" href="//www.domain.com/style.css"> 
<script src="//www.domain.com/script.js"></script>

It will automatically use the protocol of the parent page

Deepu S Nath
  • 1,164
  • 1
  • 17
  • 45
2

You have to make sure that the user is browsing your site over secure connection. You can redirect the user to secure connection (https://) using an .htaccess file containing the following lines:

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

Please, note that the .htaccess should be located in the web site main folder.

In case you wish to force HTTPS for a particular folder you can use:

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} somefolder 
RewriteRule ^(.*)$ https://www.domain.com/somefolder/$1 [R,L]

The .htaccess file should be placed in the folder where you need to force HTTPS.

Deepu S Nath
  • 1,164
  • 1
  • 17
  • 45