Lunarpages Web Hosting Forum

Author Topic: Accidental HTTPS gets blank page.  (Read 7242 times)

Offline rvicker

  • Spacescooter Operator
  • *****
  • Posts: 42
    • http://www.vicker.com
Accidental HTTPS gets blank page.
« on: June 14, 2016, 06:31:56 AM »
I've got some users that are using WordPress (so PHP) on their sites and are not using SSL.

The problem is if someone keys in HTTPS... instead of HTTP... they get a blank page since SSL is not activated and would not apply to the PHP (per LunarPages) pages anyway.

Is there a way to redirect HTTPS back to HTTP or present the PHP pages anyway?
Roger Vicker, CCP

*** Vicker Programming and Service *** Have bits will byte *** www.vicker.com ***
Do not adjust your mind. The fault lies with reality.

Offline MrPhil

  • Senior Moderator
  • Berserker Poster
  • *****
  • Posts: 6429
Re: Accidental HTTPS gets blank page.
« Reply #1 on: June 14, 2016, 09:01:19 AM »
It depends on precisely which server and how it's set up, but one of the two following .htaccess entries might work:

Code: [Select]
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Code: [Select]
RewriteEngine On
RewriteCond %{SERVER_PORT} 443
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

http://stackoverflow.com/questions/12999910/https-to-http-redirect-using-htaccess

Update: Note that I would prefer hard coding the domain name, and using $1, in the rewrite rule. This is especially important if you want to force "www." usage on or off. The rewrite rule would be
Code: [Select]
RewriteRule  (.*)  http://www.mydomain.com/$1  [R=301,L]
« Last Edit: May 16, 2018, 08:46:23 AM by MrPhil »
Visit My Site

E-mail Me
-= From the ashes shall rise a sooty tern =-

Offline MrPhil

  • Senior Moderator
  • Berserker Poster
  • *****
  • Posts: 6429
Re: Accidental HTTPS gets blank page.
« Reply #2 on: October 17, 2018, 07:34:21 AM »
Just a note that use of SSL (https) is now highly recommended, even if you're not transferring sensitive information back and forth. Your search engine ranking will suffer if your site is still non-SSL (http). Most, if not all, of Lunarpage's servers* now offer free SSL (no need to buy a dedicated IP address or an SSL certificate), so there's really no excuse not to go with SSL.

If you decide to go SSL sitewide, remember to update any application configuration to produce https links rather than http links (as well as canonical tags, resource links, etc.). Also add code to your .htaccess file to change incoming http URLs to https. The following will usually do the job:
Code: [Select]
RewriteEngine on
RewriteCond  %{HTTPS}  off  [OR]
RewriteCond  %{HTTP_HOST}  !^www\.  [NC]
RewriteRule  ^(.*)$  https://www.mysite.com/$1  [R=301,L]
Note that this is forcing www in your domain name at the same time. It's good to be consistent with (or without) www so that search engines don't get confused over which one is preferred. If you want non-www, modify the last two lines above:
Code: [Select]
RewriteCond  %{HTTP_HOST}  ^www\.  [NC]
RewriteRule  ^(.*)$  https://mysite.com/$1  [R=301,L]
Note that subdomains and add-on domains may not work with the above code, and you have to get fancier.

If you are on a Windows server, you may have to achieve this in some other way (.htaccess may be ignored).

* the shared servers, anyway. I don't know for sure about VPS/cloud/private servers.
« Last Edit: October 17, 2018, 08:51:53 AM by MrPhil »
Visit My Site

E-mail Me
-= From the ashes shall rise a sooty tern =-