: Redirecting specific URL from HTTPS to HTTP Long time lurker, first time caller... I have a backend like admin.mysite.com which is able to use HTTPS (has a certificate installed, etc) - but

Posted in: #Apache #Http #Https #ModRewrite

Long time lurker, first time caller...

I have a backend like admin.mysite.com which is able to use HTTPS (has a certificate installed, etc) - but that admin portal is a CMS backend for a number of client sites (ie. clientsite.com) that are hosted on the same servers.

Everything works well here, but the problem is when a user tries to go to www.clientsite.com it complains about SSL (because of the wildcard one I have installed for *.mysite.com). I would like to figure out a way to take that request and have it redirected to HTTP instead so they do not see this certificate error.

I can't do this via SSL termination, as HAProxy decrypts the request at the load balancer level and does not pass it to the backend. Which is the only way HAProxy can read HTTP headers I believe, so the client would still see an SSL error here.

My only other thought is to try a rewrite rule in Apache - but a conditional one.

So for example *.mysite.com can go SSL - but any other request that doesn't have that domain needs to be forced back to HTTP without seeing that pesky certificate warning.

Is this possible?

10.02% popularity Vote Up Vote Down

: Can html go in the ErrorDocument value internally in httpd.conf? According to apache documentation, the final parameter of ErrorDocument can be specified as a path, URL or text to any error code.

@Angela700

Posted in: #Apache #Error #Html

1 Comments

: What are the pros/cons of using remote DB As the question says, I want to know if is good or bad idea to use a remote database, and what pros and cons does this practice have.

@Angela700

Posted in: #Database

2 Comments

: Restrict google from indexingcertain content on my page I have an ecommerce shop with ~10 000 items. I wrote parser to load this items to my website from another website. But items description

@Angela700

Posted in: #Google #Seo #Yandex

1 Comments

: Where are these spammy posts generated from? While doing a a random Google search, I realized that my WordPress blog is populated with several spammy posts. Ex: (intentionally delinked) http://example.com/2016/02/06/free-dow

@Angela700

Posted in: #Nginx #Spam #Wordpress

1 Comments

Login to post a comment!

2 Comments

Sorted by latest first Latest Oldest Best

@Hamaas447

I would NOT do ssl unless it is a SHA2 official CERT and unless you have control of httaccess folder redirections.
Run a Google search for: "FORCING ssl via htaccess"

(Note that Google Chrome may show you an error on a CERT if it is a SHA1).

10% popularity Vote Up Vote Down

@Holmes151

My only other thought is to try a rewrite rule in Apache - but a conditional one.
:
Is this possible?

Unfortunately not. The user sees the certificate error long before the request hits your server-side code.

The only way to fix a certificate error is to fix the certificate. If this was not the case then security could be bypassed.

the problem is when a user tries to go to www.clientsite.com

Although, why is the user trying to go to ...? Are they following a link?

10% popularity Vote Up Vote Down

Feed

: Redirecting specific URL from HTTPS to HTTP Long time lurker, first time caller... I have a backend like admin.mysite.com which is able to use HTTPS (has a certificate installed, etc) - but

More posts by @Angela700

: Can html go in the ErrorDocument value internally in httpd.conf? According to apache documentation, the final parameter of ErrorDocument can be specified as a path, URL or text to any error code.

: What are the pros/cons of using remote DB As the question says, I want to know if is good or bad idea to use a remote database, and what pros and cons does this practice have.

: Restrict google from indexingcertain content on my page I have an ecommerce shop with ~10 000 items. I wrote parser to load this items to my website from another website. But items description

: Where are these spammy posts generated from? While doing a a random Google search, I realized that my WordPress blog is populated with several spammy posts. Ex: (intentionally delinked) http://example.com/2016/02/06/free-dow

Login to post a comment!

2 Comments

Back to top | Use Dark Theme