2

So, here is the situation:

We are running a website which is powered by Drupal. Sometime ago, it was decided that the website should be served as SSL. The settings to redirect the site from http to https was done by a guy who is not with us anymore.

I can see in the .htaccess file the following lines

#Redirect http to https
RewriteEngine On  
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://docs.dev.domain.com/$1 [R,L]

mydomain.com points to the root of the LAMPP server and my site is in a folder inside the webroot (docs.dev.domain.com/mysite).

Now, it has been decided that the SSL is not needed and it has to be removed and all the pages must be served via http (301 redirect).

When I do that in the .htaccess file by using the RewriteRule to redirect a URL (e.g. https://docs.dev.domain.com/mysite/content/book) to http when a user visits https by using:

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]


#Redirect HTTPS to HTTP
RewriteCond %{SERVER_PORT} ^443$
#RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ http://docs.dev.domain.com/mysite/$1 [R=301,L]
#even tried this - RewriteRule ^(.*)$ http://docs.dev.domain.com/$1 [R=301,L]

but it redirects every request on https to http://mydomain.com/mysite/index.php (even the urls like (https://docs.dev.domain.com/mysite/content/book/1 which should ideally be redirected to its http counterpart).

How can I remove the https so that my dynamic URLs are served via plain http? Sorry if this is very novice problem.

Ajit S
  • 1,341
  • 1
  • 13
  • 32

2 Answers2

1

This is happening because you have a routing rule before the redirect. The rewrite engine will loop until the URI comes back unchanged, and at that point, it evaluates if the URI needs to be passed onto other modules in order to handle redirecting or proxying.

That means your request is getting routed to index.php, then the rewrite engine loops, then it sees that the request (which at this point is simply /index.php) needs to be redirected, so the request gets flagged to be redirected. Then mod_rewite redirects, but by now, the URI is mangled by your routing rule.

You need to swap the order:

RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ http://docs.dev.domain.com/mysite/$1 [R=301,L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]
Jon Lin
  • 142,182
  • 29
  • 220
  • 220
1

Enabling SSL or disabling it in Drupal has very easy method by enabling/disabling a module. You should check the module name securepages & if it is there you just need to disable it for disabling HTTPS... Then you can go to your YOURSITE/sites/default & look into settings.php & if $base_url is defined then just remove the 'S' from 'HTTPS'.

You are done...

I don't think that guy enabled it from .htaccess & so I gave my answer even after you solved it by Jon Lin answer..

RajeevK
  • 418
  • 4
  • 14
  • We had to purchase the SSL certificates in order to enable HTTPS as the site is on production server. And also we had a look at the securepages module and it seems that it doesn't have a stable version for D7; so cannot use that on production server. So, we were only left with the option to do it via `.htaccess`. Anyways, Thank you for the answer. You have my +1 :-) – Ajit S Jan 24 '13 at 06:28
  • You didn't mention the version & I use it on several sites made in D6.. I hope it will have stable version in D7 soon... – RajeevK Jan 24 '13 at 06:40