I have SSL certificates from three sources (GeoTrust, TrustWave, and now RapidSSL). I have never used RapidSSL before, and the certs are very cheap ($10.40).
In my htaccess files, I have the following directive (to force the protocol to always be HTTPS):
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
This has always worked for my previous certificates, but not with the cheap RapidSSL. It's as if the certificate authority is able to ignore the htaccess directive! How is that possible?
If I explicitly add the protocol to the address (https://website.com) then I get the secure connection, but I'm baffled that it doesn't work with the htaccess directive.
Anyone seen this before?
I could write PHP code that forces internal links to the log-in page, ecommerce, etc. to use https. . .or I could go back to the more expensive certificates.
1
Reply
AdChoices