Hi Everyone.

This may seem a pretty basic question but here goes....
on my domain https:// if you take away the 's' from the http you can still view the secured section, what i need is it to either provide an error or better still make the page redirect to where they are and replace the 's' in the url....if you get what i mean.

Sorry to appear vague ....... any ideas?
The site is in php too if that helps......or not!


Cheers
EMHMK1

The best thing you can do is force the page to be viewed only by https which is not hard to do and can be done several ways. (BTW, unless you link to the non https version of that page users should never be able to get there in the first place unless they're doing something naughty).

To do it with Apache put this code in a file called .htaccess in the same directory as the file you want to force the http:

Redirect permanent http://www.domain.com/page.php https://www.domain.com/page.php

If you're using PHP you can put this at the top of the page to accomplish the same thing:

<?php
$https_url = 'https://www.domain.com';
if ( isset( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] == 'off' )
{
	header('location: ' . $https_url);
	exit;
}
else if ( !isset( $_SERVER['HTTPS']) && $_SERVER['SERVER_PORT'] == 443 )
{
	header('location: ' . $https_url);
	exit;
}
?>

Cheers Sty,

The php version is a peach.

Thanks very much.

EMHMK1

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.