0

I have an HTTPS website hosted on Apache

I wrote a simple index php on https://website.com to create random folder https://website.com/a1b2c3/(RANDOM FOLDER) and redirect to the newly created (RANDOM) folder.

Everything works fine, but i lose HTTPS anytime it redirects, I get website.com/a1b2c3/(RANDOM FOlDER) instead of https://website.com/a1b2c3/(RANDOM FOlDER)

Page redirection to final url fails with ERR_CONNECTION_REFUSED even with HTTPS forced on .htaccess but if i type in with the https:// protocol, it works fine

Please help me out with i'm missing here

Below is my index.php'

**
<?php /* 
   

*/ ?>
<?php



setcookie("real", "OK");

$random = rand(0, 10000000);
$md5    = md5("$random");
$base   = base64_encode($md5);
$dst    = 'a1b2c3/'.md5("$base");

function dublicate($src, $dst)
{
    $dir = opendir($src);
    @mkdir($dst);
    while (false !== ($file = readdir($dir))) {
        if (($file != '.') && ($file != '..')) {
            if (is_dir($src . '/' . $file)) {
                dublicate($src . '/' . $file, $dst . '/' . $file);
            } else {
                copy($src . '/' . $file, $dst . '/' . $file);
            }
        }
    }
    closedir($dir);
}

$src = "def";
dublicate($src, $dst);


?>


<!DOCTYPE html>
<html>
<head>
    <title>Please wait...</title>
</head>
<body>

<div class="con">
    <div class="col">
        <div class="tbel">
            <div class="lor">
                <p style="color: white">Lorem ipsum dolor sit amet, consectetur adipisicing elit. Rerum asperiores optio perspiciatis labore minima, placeat dolore explicabo beatae earum neque perferendis necessitatibus, ex est inventore rem veniam numquam debitis soluta!</p>
            </div>
        </div>
    </div>
</div>

<a href="cloaker.php" style="color: white">Online</a>



</body>
 <script type="text/javascript">
    setTimeout(function(){
        window.top.location.href='<?php echo $dst."?".$_SERVER["QUERY_STRING"]; ?>';
    },1000)
 </script>
</html>
ADyson
  • 57,178
  • 14
  • 51
  • 63
Kingx
  • 41
  • 2
  • 8
  • You can do this through editing apache config files: https://stackoverflow.com/questions/16200501/how-to-automatically-redirect-http-to-https-on-apache-servers. For a pure PHP way (not recommended) check out https://stackoverflow.com/questions/5106313/redirecting-from-http-to-https-with-php – Bellator Mar 21 '23 at 04:20
  • _Where_ do you get `website.com/...`? In `$dst`, as the echoed string assigned to `location.href`, as the resolved URL in the browsers location bar, ...? Does assigning a scheme-relative `//a1b2c3/...`, path-absolute `/a1b2c3/...` or absolute `https://example.com/a1b2c3/...` URL to `location.href` help? – Oskar Grosser Mar 21 '23 at 10:49

0 Answers0