Force SSL/https using .htaccess and mod_rewrite?

For Apache, you can use mod_ssl to force SSL with the SSLRequireSSL Directive : This directive forbids access unless HTTP over SSL (i.e. HTTPS) is enabled for the current connection. This is very handy inside the SSL-enabled virtual host or directories for defending against configuration errors that expose stuff that should be protected.

When this directive is present all requests are denied which are not using SSL This will not do a redirect to https though. To redirect, try the following with mod_rewrite RewriteEngine On RewriteCond %{HTTPS}! =on RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} L,R=301 or any of the various approaches given at http://www.askapache.com/htaccess/http-https-rewriterule-redirect.html You can also solve this from within PHP in case your provider has disabled .

Htaccess (which is unlikely since you asked for it, but anyway) if (!isset($_SERVER'HTTPS') || $_SERVER'HTTPS'! == 'on') { if(!headers_sent()) { header("Status: 301 Moved Permanently"); header(sprintf( 'Location: https://%s%s', $_SERVER'HTTP_HOST', $_SERVER'REQUEST_URI' )); exit(); } }.

For Apache, you can use mod_ssl to force SSL with the SSLRequireSSL Directive: This directive forbids access unless HTTP over SSL (i.e. HTTPS) is enabled for the current connection. This is very handy inside the SSL-enabled virtual host or directories for defending against configuration errors that expose stuff that should be protected.

When this directive is present all requests are denied which are not using SSL. This will not do a redirect to https though. To redirect, try the following with mod_rewrite RewriteEngine On RewriteCond %{HTTPS}!

=on RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} L,R=301 or any of the various approaches given at http://www.askapache.com/htaccess/http-https-rewriterule-redirect.html You can also solve this from within PHP in case your provider has disabled . Htaccess (which is unlikely since you asked for it, but anyway) if (!isset($_SERVER'HTTPS') || $_SERVER'HTTPS'! == 'on') { if(!headers_sent()) { header("Status: 301 Moved Permanently"); header(sprintf( 'Location: https://%s%s', $_SERVER'HTTP_HOST', $_SERVER'REQUEST_URI' )); exit(); } }.

PHP Solution Borrowing directly from Gordon's very comprehensive answer, I note that your question mentions being page-specific in forcing HTTPS/SSL connections. Function forceHTTPS(){ $httpsURL = 'https://'. $_SERVER'HTTP_HOST'.

$_SERVER'REQUEST_URI'; if( count( $_POST )>0 ) die( 'Page should be accessed with HTTPS, but a POST Submission has been sent here. Adjust the form to point to '. $httpsURL ); if(!isset( $_SERVER'HTTPS' ) || $_SERVER'HTTPS'!

=='on' ){ if(!headers_sent() ){ header( "Status: 301 Moved Permanently" ); header( "Location: $httpsURL" ); exit(); }else{ die( '' ); } } } Then, as close to the top of these pages which you want to force to connect via PHP, you can require() a centralised file containing this (and any other) custom functions, and then simply run the forceHTTPS() function. HTACCESS / mod_rewrite Solution I have not implemented this kind of solution personally (I have tended to use the PHP solution, like the one above, for it's simplicity), but the following may be, at least, a good start. RewriteEngine on # Check for POST Submission RewriteCond %{REQUEST_METHOD}!

^POST$ # Forcing HTTPS RewriteCond %{HTTPS}! =on OR RewriteCond %{SERVER_PORT} 80 # Pages to Apply RewriteCond %{REQUEST_URI} ^something_secure OR RewriteCond %{REQUEST_URI} ^something_else_secure RewriteRule . * https://%{SERVER_NAME}%{REQUEST_URI} R=301,L # Forcing HTTP RewriteCond %{HTTPS} =on OR RewriteCond %{SERVER_PORT} 443 # Pages to Apply RewriteCond %{REQUEST_URI} ^something_public OR RewriteCond %{REQUEST_URI} ^something_else_public RewriteRule .

* http://%{SERVER_NAME}%{REQUEST_URI} R=301,L.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.