Magento secure and unsecure url redirection issue

magento.stackexchange https://magento.stackexchange.com/questions/15925

Question

I am facing issue regarding redirection.

My system has been already live.Google already cached all pages with https .

In past my secure url and unsecured were both https://www.example.com.

But now 

secure url is https://www.example.com
unsecured  url is http://www.example.com

Now, I want to and trying to configure url like this

checkout and customer urls are open   with https://www.example.com(Woking )
other all urls are open like http://www.example.com(Working)

Issue:

As my all pages are cached as https in google so,
my other all urls are open with https

But,i want to redirect https non checkout and non customer url to http Using htaccess

all pages is cache in google with https.That if an non-customer/non-checkout url is coming with https, then it should be redirect to http

Here, i have done the following changed in admin:

Base URL>secure url>https://www.abc.com
Base URL>unsecure url>http://www.abc.com
Use Secure URLs in Frontend=yes
Was it helpful?

Solution 4

As i use cloudflare and it redirection logic is different

To redirect a user from HTTP to HTTPS, you can use the following: 

  RewriteCond %{HTTP:CF-Visitor} '"scheme":"http"'
    RewriteRule ^(.*)$ https://www.domain.com/$1 [L]

When using Flexible SSL with CloudFlare, your origin server will always accept requests over HTTP (port 80). In order to properly redirect a user surfing securely over HTTPS, you should modify your rewrite rules to use the CF-Visitor HTTP header. The CF-Visitor header contains the following: 

CF-Visitor: {"scheme":"http"}

or
CF-Visitor: {"scheme":"https"}

To redirect a user from HTTP to HTTPS, you can use the following: 

RewriteCond %{HTTP:CF-Visitor} '"scheme":"http"'
RewriteRule ^(.*)$ https://www.domain.com/$1 [L]

Similarly, to require all traffic go over HTTPS on CloudFlare, you can use the following: 

RewriteCond %{HTTP:CF-Visitor} !'"scheme":"http"'
RewriteRule ^(.*)$ https://www.domain.com/$1 [L]

OTHER TIPS

This code for solved this problem

Options +FollowSymLinks
    RewriteEngine on


RewriteEngine on
RewriteCond %{SERVER_PORT} ^443$
RewriteRule ^(shop|blog|stockists|inthepress|contacts|review|home) http://www.example.com%{REQUEST_URI} [R=301,L]

RewriteCond %{HTTPS} on
RewriteRule ^$ http://%{HTTP_HOST} [L,R]

Thanks!!!!!!!!

I actually combat this using a core controller over-ride. Without this, Google could in-theory penalise you for duplicate content as it will see the HTTPS AND HTTP versions of your site, having the same content. I've written a blog post on it, but I've not posted it yet - but basically, Magento includes the functionality to redirect you to a HTTPS page when required (i.e. checkout, account area etc) however, it doesn't provide the opposite.

This approach has the added benefit of not needing to alter your .htaccess file each time that you add a new secure URL. It also means, you don't miss anything.

The function is called in app/code/core/Mage/Core/Controller/Varien/Router/Standard.php. Luckily, as this is a Controller file, it means that we can copy it to our local folder, and over-ride the method. So, copy app/code/core/Mage/Core/Controller/Varien/Router/Standard.php to app/code/local/Mage/Core/Controller/Varien/Router/Standard.php.

In Magento 1.7 and 1.8, you need to look at the function _checkShouldBeSecure - around line 427 of your newly copied file.

Alter this function to:

protected function _checkShouldBeSecure($request, $path='')
{
    if (!Mage::isInstalled() || $request->getPost()) {
        return;
    }

    if ($this->_shouldBeSecure($path) && !Mage::app()->getStore()->isCurrentlySecure()) {
        $url = $this->_getCurrentSecureUrl($request);

        Mage::app()->getFrontController()->getResponse()
            ->setRedirect($url)
            ->sendResponse();
        exit;
    } elseif (!$this->_shouldBeSecure($path) && Mage::app()->getStore()->isCurrentlySecure()) {
        $url = $this->_getCurrentUnsecureUrl($request);

        Mage::app()->getFrontController()->getResponse()
            ->setRedirect($url)
            ->sendResponse();
        exit;
    }
}

Now, add the function:

protected function _getCurrentUnsecureUrl($request)
{
    if ($alias = $request->getAlias(Mage_Core_Model_Url_Rewrite::REWRITE_REQUEST_PATH_ALIAS)) {
        return Mage::getBaseUrl('link', false).ltrim($alias, '/');
    }

    return Mage::getBaseUrl('link', false).ltrim($request->getPathInfo(), '/');
}

You need to modify your .htaccess file something like below 

   RewriteEngine On
    RewriteCond %{HTTPS} on
    RewriteEngine On

    # From https to http
    RewriteCond %{REQUEST_URI} !^/checkout/onepage/
    RewriteCond %{REQUEST_URI} !^/customer/account/
    RewriteCond %{REQUEST_URI} !^/checkout/multishipping/login/
    RewriteCond %{REQUEST_URI} !^/wishlist/
    RewriteCond %{REQUEST_URI} !^/index.php/admin/dashboard/index/key/
    RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]

And set "Auto-redirect to Base URL" to NO under System -> Configuration -> Web -> Url Options

You can go through articles on Google how to redirect from https to http for more detailed information.
Hoping this will give you some help.

Licensed under: CC-BY-SA with attribution
Not affiliated with magento.stackexchange
scroll top