0

我正在尝试向网站添加一些安全页面。站点中的链接都使用当前协议(即独立于协议,路径以 开头//)。

我需要路径/info/season-tickets/*/ticketcontroller/*使用 https,所有其他人都使用 http。

我已经尝试构建规则来执行以下操作(暂时忽略票务控制器部分):

If Port==80 and Path==/info/season-tickets/, rewrite with https
If Port==443 and Path!=/info/season-tickets/, rewrite with http

但是,当我访问/info/season-tickets/而不是重定向到 https 版本时,我得到example.com/index.php/info/season-tickets

.htaccess 在下面 - 我的尝试在下面# Force https on certain pages# Force http everywhere else,其他位来自 Kohana 框架

# Turn on URL rewriting
RewriteEngine On

# Installation directory
RewriteBase /

# Force https on certain pages
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} ^/info/season-tickets/?
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

# Force http everywhere else
RewriteCond %{SERVER_PORT} 443
RewriteCond %{REQUEST_URI} !^/info/season-tickets/?
RewriteRule ^(.*)$ http://www.example.com/$1 [R,L]

# Protect hidden files from being viewed
<Files .*>
    Order Deny,Allow
    Deny From All
</Files>

# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b index.php/$0 [L]

# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# Rewrite all other URLs to index.php/URL
RewriteRule .* index.php/$0 [PT]

我尝试重新排序规则以查看是否修复了它,但它没有。

任何想法为什么这不起作用(http://htaccess.madewithlove.be/表明它应该起作用)......

谢谢!

4

1 回答 1

0

我已经解决了这个问题,不是用 htaccess,而是在 index.php 文件中(所有请求都通过这个)。

默认情况下,我假设 port 80。然后,如果$_SERVER['REQUEST_URI']在一组安全路径中,我将变量切换为443.

然后,如果$required_port != $_SERVER['SERVER_PORT'],我重定向和exit()

于 2013-01-16T13:26:47.507 回答