Re: [cobalt-users] Redirect http to https

["Jamie Martino" <webmaster1@xxxxxxx>]

> > > why can't you just have a simple redirect?
> > >
> > > http://www.yoursite.com/index.html
> > >
> > > which contains
> > >
> > > <meta http-equiv="refresh" content="0;
url=https://secure.yoursite.com";>
> > >
> > > too easy?
> > >
> >
> > If a user goes directly to the page securely (e.g.
> > https://www.yoursite.com/index.html) it will still refresh although it
is
> > already over SSL. Not really a problem but maybe slightly annoying....
>
> you mean you are going to put the secure site and the non-secure site
> together under the same directory?
>
> I cannot see why you would want to do that, why would you mix secure and
> non-secure files on the same path?

Ummm, "https" does not "protect" or "secure" anything on the server..  It
only "protects" or "secures" information transmitted between the server and
the client..  So setting them to the same path is the way it is supposed to
be done..

You should be able to access both http://www.domain.com/index.htm AND
https://www.domain.com/index.htm and get the same page, only one is
encrypted and one is not..

I would use a rewrite command in httpd.conf, though I am unsure of what
exactly the command would be, but couldn't you just change the following:

RewriteRule ^/(.*)                      http://www.domain.net/$1 [L,R]
to
RewriteRule ^/(.*)                      https://www.domain.net/$1 [L,R]

Or you could make your homepage called "home.htm" or something and make an
index.html file and put the following in it:
<meta http-equiv="refresh" content="0;url=https://www.domain.com/home.htm";>

Hope this helps...

-Jamie-
http://w-c.net
WebConnection.Net, Inc.
In a mad world, only the mad are sane...