通过HTaccess强制SSL

Here are some questions I have about SSL.

RewriteEngine On
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} somefolder 
RewriteRule ^(.*)$ https://www.domain.com/somefolder/$1 [R,L]

Above is code to force everything to go to SSL via HTAccess. Is there a way I can restrict this code to a specific IP Address. I want to force SSL for just my IP address so that I can test the site thoroughly using the new SSL links, and see (make sure) everything is working before taking it live to the live site. Testing with just my IP would be a lot easier.
Is SSL going to interfere with any get/posts? Meaning...if I use that code above, and someone is on a page..and they submit a form, it's going to force them into SSL, is that going to be considered a redirect and clear out any post/get variables? I just want to try to find out ahead of time if it's going to mess up anything I have running.
Have any of you had any situations where you forced SSL then had a lot of issues with the site not working right?

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

2条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
douzuan2814 2012-04-10 15:47
关注
If you want to make sure your site works well with HTTPS, turn off plain HTTP (assuming it's for whole server), or use Apache Httpd directives (in .htaccess or in the main configuration) that make the pages that need to be served over HTTPS return an error (e.g. 404) when they're accessed over plain HTTP. You could achieve this for a specific IP address by using Deny from xxxxxxx.

Don't rely on mod_rewrite or similar to redirect plain HTTP requests to their HTTPS equivalent. This will at best hide problems and cause a false sense of security.

The reason for this is that, even with a redirect, the initial requests are made in clear before being redirected: make sure all the references use https:// URIs before making use of them. You can find more details in this answer.

本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

查看更多回答(1条)

报告相同问题？

关注问题

通过HTaccess强制SSL php ssl
2012-04-10 14:26

回答 2 已采纳 If you want to make sure your site works well with HTTPS, turn off plain HTTP (assuming it's for w
.htaccess强制HTTPS apache php
2016-06-08 18:07

回答 1 已采纳 You can use this rule in your root .htaccess: RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Pr
使用.htaccess和mod_rewrite强制SSL / https https php ssl
2010-12-09 13:56

回答 11 已采纳 For Apache, you can use mod_ssl to force SSL with the SSLRequireSSL Directive: This directive
.htaccess 安全性_使用.htaccess强制安全（SSL）页面
2020-08-05 23:24

culuo8053的博客 Updated 11/3/2015: Added R=301 to ensure redirects are 301 permanent. 2015年1月1日更新：添加了R=301以... A while back, I shared a method for forcing a secure page using PHP. What if you want to force...
如何通过htaccess删除index.php [高级] php
2017-05-09 21:57

回答 1 已采纳 Try the following at the top of your .htaccess file: RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /ind
htaccess和php路由 php
2018-07-05 20:35

回答 2 已采纳 It's likely that the URL is being rewritten more than once. The first time rewrites /Hello to tes
使用PHP启用/禁用htaccess？ html5 php
2019-01-25 23:38

回答 2 已采纳 You'll want to do this: Basically redirect all requests to a php file which then does the access
.htaccess php设置,.htaccess更改php的配置
2021-04-29 07:17

ParadoxSH的博客 php_value 在.htaccess 中的使用1、php_value memory_limit 64M //设置记忆缓存大小2、ErrorDocument 404 errors/404.html //指定404错误的页面3、DirectoryIndex index.html index.php index.htm //设置首页默认...
api.php的Htaccess异常 php
2019-07-23 17:53

回答 1 已采纳 The redirect above is caused by the HTTP to HTTPS redirect which is caused by the second rule. If
WordPress SSL通过Cloudflare重定向 php ssl
2017-07-25 12:01

回答 2 已采纳 You can redirect to HTTPS using action hook as well. Add the below code in your **functions.php**
Htaccess重写/重定向.php php
2018-10-15 09:39

回答 1 已采纳 try this : RewriteEngine On RewriteCond %{THE_REQUEST} ^\w+\ /(.*)\.php(\?.*)?\ HTTP/ RewriteRul
php ssl证书 laravel,php – 强制Laravel使用HTTPS版本
2021-04-22 02:29

CYDYSY的博客我有一个laravel网站,我正在尝试使用SSL来解决所有问题.虽然看来Laravel想要使用http代替.例如,我使用了表单元素,并且该方法自动发送到http.同样的事情使用内置样式,脚本链接,我改变所有静态工作(常规ol’HTML).我...
通过htaccess从url中删除index.php apache php
2013-12-19 04:04

回答 4 已采纳 Options +FollowSymLinks -MultiViews # Turn mod_rewrite on RewriteEngine On RewriteBase / RewriteC
Apache网站部署SSL证书开启https访问，强制http跳转https
2023-05-10 17:45

autotian的博客本教程分为SSL证书安装和强制http跳转https两部分。
mac xampp php ssl,Linux系统 xampp环境https SSL证书设置
2021-05-04 03:05

蒋叶光的博客准备从腾讯云后台SSL证书管理里下载证书1一、上传文件解压出来以后有三个文件：1_root_bundle.crt2_www.xxxxx.com.crt3_www.xxxxx.com.key将1_root_bundle.crt文件上传到/opt/lampp/etc目录下将2_www.xxxxx.com.crt...
phpstudy启用php扩展ssl模块,phpstudy服务器配置SSL时Apache无法启动解决
2021-04-22 12:26

low sapkj的博客第一步：启用PHP扩展ssl模块第二步：打开httpd.ini配置文件LoadModule ssl_module modules/mod_ssl.so 将这行的注释的“#”去掉Include extra/httpd-ssl.conf 将这行的注释的“#”去掉接下来：extra/httpd-ssl.conf...
宝塔多域名-某一域名开启SSL双向认证
2021-07-17 14:11

漫游游²º¹²的博客 NGINX SSL 双向认证
php设置强制https,Apache环境下几种http强制跳转https设置方法
2021-04-16 13:56

weixin_42627812的博客目前为站点安装SSL证书开启https加密访问已经是件很简单的事了，主要是免费SSL证书的普及，为大家提供...而Apache环境下通过修改.htaccess 配置文件来设置。设置方法下面规则中使用的域名是www.fanchao.cc或fanchao...
PHP虚拟主机安装SLL,虚拟主机ssl证书安装
2021-04-18 15:12

格秒索杉的博客现阶段云虚拟主机只能php服务器兼容SSL证书，广东金网科技小编详细介绍下操作流程。1、最先发送您的apache证书到FTP的web文件目录下。2、登录云虚拟主机的自助式管理系统，寻找自助式管理系统的安全工作，有一个...
没有解决我的问题, 去提问

悬赏问题

¥40 复杂的限制性的商函数处理
¥15 程序不包含适用于入口点的静态Main方法
¥15 素材场景中光线烘焙后灯光失效
¥15 请教一下各位，为什么我这个没有实现模拟点击
¥15 执行 virtuoso 命令后，界面没有，cadence 启动不起来
¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
¥20 有关区间dp的问题求解
¥15 多电路系统共用电源的串扰问题
¥15 slam rangenet++配置
¥15 有没有研究水声通信方面的帮我改俩matlab代码

通过HTaccess强制SSL

2条回答 默认 最新

悬赏问题

2条回答默认最新