Magento secure and unsecure url redirection issue
-
22-10-2019 - |
Question
I am facing issue regarding redirection.
My system has been already live.Google already cached all pages with https .
In past my secure url and unsecured were both https://www.example.com.
But now
secure url is https://www.example.com
unsecured url is http://www.example.com
Now, I want to and trying to configure url like this
checkout and customer urls are open with https://www.example.com(Woking )
other all urls are open like http://www.example.com(Working)
Issue:
As my all pages are cached as https in google so,
my other all urls are open with https
But,i want to redirect https non checkout and non customer url to http Using htaccess
all pages is cache in google with https.That if an non-customer/non-checkout url is coming with https, then it should be redirect to http
Here, i have done the following changed in admin:
Base URL>secure url>https://www.abc.com
Base URL>unsecure url>http://www.abc.com
Use Secure URLs in Frontend=yes
Solution 4
As i use cloudflare and it redirection logic is different
To redirect a user from HTTP to HTTPS, you can use the following:
RewriteCond %{HTTP:CF-Visitor} '"scheme":"http"'
RewriteRule ^(.*)$ https://www.domain.com/$1 [L]
When using Flexible SSL with CloudFlare, your origin server will always accept requests over HTTP (port 80). In order to properly redirect a user surfing securely over HTTPS, you should modify your rewrite rules to use the CF-Visitor HTTP header. The CF-Visitor header contains the following:
CF-Visitor: {"scheme":"http"}
or
CF-Visitor: {"scheme":"https"}
To redirect a user from HTTP to HTTPS, you can use the following:
RewriteCond %{HTTP:CF-Visitor} '"scheme":"http"'
RewriteRule ^(.*)$ https://www.domain.com/$1 [L]
Similarly, to require all traffic go over HTTPS on CloudFlare, you can use the following:
RewriteCond %{HTTP:CF-Visitor} !'"scheme":"http"'
RewriteRule ^(.*)$ https://www.domain.com/$1 [L]
OTHER TIPS
This code for solved this problem
Options +FollowSymLinks
RewriteEngine on
RewriteEngine on
RewriteCond %{SERVER_PORT} ^443$
RewriteRule ^(shop|blog|stockists|inthepress|contacts|review|home) http://www.example.com%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} on
RewriteRule ^$ http://%{HTTP_HOST} [L,R]
Thanks!!!!!!!!
I actually combat this using a core controller over-ride. Without this, Google could in-theory penalise you for duplicate content as it will see the HTTPS AND HTTP versions of your site, having the same content. I've written a blog post on it, but I've not posted it yet - but basically, Magento includes the functionality to redirect you to a HTTPS page when required (i.e. checkout, account area etc) however, it doesn't provide the opposite.
This approach has the added benefit of not needing to alter your .htaccess file each time that you add a new secure URL. It also means, you don't miss anything.
The function is called in app/code/core/Mage/Core/Controller/Varien/Router/Standard.php
. Luckily, as this is a Controller file, it means that we can copy it to our local folder, and over-ride the method. So, copy app/code/core/Mage/Core/Controller/Varien/Router/Standard.php
to app/code/local/Mage/Core/Controller/Varien/Router/Standard.php
.
In Magento 1.7 and 1.8, you need to look at the function _checkShouldBeSecure
- around line 427 of your newly copied file.
Alter this function to:
protected function _checkShouldBeSecure($request, $path='')
{
if (!Mage::isInstalled() || $request->getPost()) {
return;
}
if ($this->_shouldBeSecure($path) && !Mage::app()->getStore()->isCurrentlySecure()) {
$url = $this->_getCurrentSecureUrl($request);
Mage::app()->getFrontController()->getResponse()
->setRedirect($url)
->sendResponse();
exit;
} elseif (!$this->_shouldBeSecure($path) && Mage::app()->getStore()->isCurrentlySecure()) {
$url = $this->_getCurrentUnsecureUrl($request);
Mage::app()->getFrontController()->getResponse()
->setRedirect($url)
->sendResponse();
exit;
}
}
Now, add the function:
protected function _getCurrentUnsecureUrl($request)
{
if ($alias = $request->getAlias(Mage_Core_Model_Url_Rewrite::REWRITE_REQUEST_PATH_ALIAS)) {
return Mage::getBaseUrl('link', false).ltrim($alias, '/');
}
return Mage::getBaseUrl('link', false).ltrim($request->getPathInfo(), '/');
}
You need to modify your .htaccess file something like below
RewriteEngine On RewriteCond %{HTTPS} on RewriteEngine On # From https to http RewriteCond %{REQUEST_URI} !^/checkout/onepage/ RewriteCond %{REQUEST_URI} !^/customer/account/ RewriteCond %{REQUEST_URI} !^/checkout/multishipping/login/ RewriteCond %{REQUEST_URI} !^/wishlist/ RewriteCond %{REQUEST_URI} !^/index.php/admin/dashboard/index/key/ RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
And set "Auto-redirect to Base URL" to NO under System -> Configuration -> Web -> Url Options
You can go through articles on Google how to redirect from https to http for more detailed information.
Hoping this will give you some help.