mercredi 29 avril 2015

Forcing SSL on signup but removing SSL on non-signup pages

I am using wordpress and I have the following two functions defined in wp-config.php:

define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);

But I am also wanting to force SSL on a signup page of however if I navigate to the signup-page then navigate elsewhere on the website it keeps https enabled unless I go to the homepage...

I want the entire website to be forced to have www. and the force the entire website to be non-SSL with the exception of login forms, admin pages, signup-page and custompage

I tried the following rules:

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^/?$ http://%{SERVER_NAME}/ [R=301,L]

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(signup-page/.*)$ [R=301,L]

But it doesn't quite work, the signup-page bit works but if I navigate to any other page it keeps the https...

Aucun commentaire:

Enregistrer un commentaire