Redirecting http to https for a directory, via .htaccess, using mod_alias only

844 views Asked by At

I have the common problem of wanting to redirect requests for a certain restricted access directory from http to https, so that users' login credentials are sent in a secure way.

However, I do not have mod_rewrite enabled on my server. I only have mod_alias. This means I have to use the RedirectMatch command. I can't use the usual solutions that use RewriteCond and RewriteRule.

(A note on the politics: I am a small-fry subsite maintainer in a very large organisation, so the server admins are unlikely to be willing to change the server config for me!)

The following line works, but forms an infinite loop (because the rewritten URL is still caught by the initial regular expression):

RedirectMatch permanent ^/intranet(.*)$ https://example.com/intranet$1

One of my internal IT guys has suggested I avoid the infinite loop by moving the files to a new directory with a new name (eg /intranet2/). That seems pretty ugly to me. And people could still accidentally/deliberately revert to an insecure connection by visiting http://example.com/intranet2/ directly.

Then I tried this, but it didn't work:

RedirectMatch permanent ^http:(.*)/intranet(.*)$ https://example.com/intranet$1

I suspect it didn't work because the first argument must be a file path from the root directory, so it can't start with "http:".

So: any better ideas how to do this?

1

There are 1 answers

0
Dan Grossman On

mod_alias directives work on request URIs (the stuff that comes after the domain name in a URL), which are not paths or URLs. You can't match against the scheme.