• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Cheap SSL and htaccess control

Guru ,
Oct 14, 2015 Oct 14, 2015

Copy link to clipboard

Copied

I have SSL certificates from three sources (GeoTrust, TrustWave, and now RapidSSL). I have never used RapidSSL before, and the certs are very cheap ($10.40).

In my htaccess files, I have the following directive (to force the protocol to always be HTTPS):

RewriteCond %{HTTPS} !=on

RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

This has always worked for my previous certificates, but not with the cheap RapidSSL. It's as if the certificate authority is able to ignore the htaccess directive! How is that possible?

If I explicitly add the protocol to the address (https://website.com) then I get the secure connection, but I'm baffled that it doesn't work with the htaccess directive.

Anyone seen this before?

I could write PHP code that forces internal links to the log-in page, ecommerce, etc. to use https. . .or I could go back to the more expensive certificates.

Views

446

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Dec 07, 2015 Dec 07, 2015

Copy link to clipboard

Copied

LATEST

Never saw this Rob but I'm curious, did you ever check what it thinks the $_SERVER["SERVER_NAME"] is?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines