开发者

Redirecting http to https for a directory, via .htaccess, using mod_alias only

I have the common problem of wanting to redirect requests for a certain restricted access directory from http to https, so that users' login credentials are sent in a secure way.

However, I do not have mod_rewrite enabled on my server. I only have mod_alias. This means I have to use the RedirectMatch command. I can't use the usual solutions that use RewriteCond and RewriteRule.

(A note on the politics: I am a small-fry subsite maintainer in a very large organisation, so the server admins are unlikely to be willing to change the server config for me!)

The following line works, but forms an infinite loop (because the rewritten URL is still caught by the initial regular expression):

RedirectMatch permanent ^/intranet(.*)$ https://example.com/intranet$1

One of my internal IT guys has suggested I avoid the infinite loop by moving the files to a new directory with a new name (eg /intranet2/). That seems pretty ugly to me. And people could still accidentally/deliberately revert to an insecure connection by visiting http://example.com/intranet2/ directly.

Then I tried this, b开发者_开发技巧ut it didn't work:

RedirectMatch permanent ^http:(.*)/intranet(.*)$ https://example.com/intranet$1

I suspect it didn't work because the first argument must be a file path from the root directory, so it can't start with "http:".

So: any better ideas how to do this?


mod_alias directives work on request URIs (the stuff that comes after the domain name in a URL), which are not paths or URLs. You can't match against the scheme.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜