Https / Secure site

Holmis · #1 11-23-2006, 06:55 AM

Hi everyone.

I was wondering if it is possible to make my site https upon first logging on to the site.

For example:

A user inputs http://www.mydomain.com and automatically goes to https://www.mydomain.com

Is this possible with shared ssl or do I have to buy a private one?

Regards,

Holmis

quietFinn · #2 11-23-2006, 08:41 AM

Quote:

Originally Posted by Holmis

Hi everyone.

I was wondering if it is possible to make my site https upon first logging on to the site.

For example:

A user inputs http://www.mydomain.com and automatically goes to https://www.mydomain.com

Is this possible with shared ssl or do I have to buy a private one?

Regards,

Holmis

That is not possible with shared ssl.

slapshotw · #3 11-23-2006, 01:09 PM

You can do it using an htaccess mod_rewrite command. I do this exact thing with my webmail installation, to make sure everybody accesses it securely.

Let me know if you want the lines I use.

Holmis · #4 11-23-2006, 01:18 PM

Quote:

Originally Posted by slapshotw

You can do it using an htaccess mod_rewrite command. I do this exact thing with my webmail installation, to make sure everybody accesses it securely.

Let me know if you want the lines I use.

That would be great!

Thanx

quietFinn · #5 11-23-2006, 06:42 PM

Quote:

Originally Posted by slapshotw

You can do it using an htaccess mod_rewrite command. I do this exact thing with my webmail installation, to make sure everybody accesses it securely.

Let me know if you want the lines I use.

Maybe I misunderstood, but I thought that the question was not about how to redirect to a secure site, but can you use https://www.yourdomain.com using shared ssl.

And the answer is: No. You need private ssl for that.

But to redirect from the non-secure address to secure you can use .htaccess.

slapshotw · #6 11-23-2006, 11:57 PM

Let me explain my setup before I paste this. My domain's in my signature if you want to look, but i'll use an example domain in this post. I keep my webmail at domain.com/email. I have my ssl installed on www.domain.com, so putting a secure connection on email.domain.com would give a popup. So i have email.domain.com (which my clients know) redirect to http://www.domain.com/email. I also have another redirect which says if somebody goes to http://www.domain.com/email, they get sent to https:// that. Here it is:

Code:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^email.domain.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.email.domain.com$
RewriteRule ^(.*)$ https://www.domain.com/email [R=301,L]

RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

I hope that helps.

cjnoyes · #7 11-24-2006, 04:40 AM

You must have private ssl.

In this you would have to redirect using the shared ssl path to your server without private ssl