View Full Version : [SOLVED] .htaccess https dropping paddlock/logo

04-20-2011, 03:18 PM

I have the below is my .htaccess to redirect login and signup.php to HTTPS, that part works.

The problem is with HTTP 301 redirect part.
It is removing the HTTPS/SSL Paddlock and logo depending on browsers, whenit has (.*) in the RewriteRule.

If I remove (.*) from the RewiteRule it doesn't always redirect back to http.

For example without (.*)
If I go to https://www.mydomain.tld - It redirects back to http

But if I got to https://www.mydomain.tld/faq.php - It doesn't redirect and stays on the https, which is not what I am looking for.

Also currently with the (.*) it has broken my login page.

# HTTPS 301 redirect on login.php and signup.php
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(login.php|signup.php)$ https://%{HTTP_HOST}/$1 [R=301,L]

# HTTP 301 redirect
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_URI} !^/(login.php|signup.php)$
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

I have tried changing the * for a + and ? which didn't work, I also try changing %{REQUEST_URI} to /$1 which didn't work either

Can anyone help?

CBG aka Garry

04-20-2011, 05:40 PM
The paddle lock might be going away if on your login page the images and other resources are being loaded over HTTP instead of HTTPS while the page itself is on HTTPS. The browser would then consider it a mixed secure page.

04-20-2011, 05:47 PM

Yes I think it could be that or some other files.
I just ran a test with test.php which just had a link and a line of text, and it stayed on the https.

The link I put was a test like to see if it went back to http which is did.

Just need to find the problem in the file and fix it, thanks for looking.