Force https to http redirect except for WordPress /wp-admin directory

Our HTTPS site is indexed on Google. We need this redirected to HTTP. We’re using the following code:

<IfModule mod_rewrite.c>
Options +FollowSymlinks 
RewriteEngine on 
RewriteBase /
RewriteCond %{SERVER_PORT} ^443$ [OR]
RewriteCond %{HTTPS} =on
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
</IfModule>

to redirect https to http, and it works fine.

Read More

However, I want to exclude all of WordPress admin from the https to http redirect, as I’d like to keep WordPress admin working over https, so I added:

RewriteCond %{REQUEST_URI} !^wp-admin 

taking the .htaccess code to:

<IfModule mod_rewrite.c>
Options +FollowSymlinks 
RewriteEngine on 
RewriteBase /
RewriteCond %{SERVER_PORT} ^443$ [OR]
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !^wp-admin 
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
</IfModule>

Unfortunately this does not work, and trying to load /wp-admin over https results in too many redirects and the WordPress dashboard does not load.

www.example.com redirected you too many times.

Would appreciate some help in excluding /wp-admin from the https to http redirect.

Related posts

Leave a Reply

1 comment

  1. Try the following, this should force everything to HTTP except for the directory wp-admin:

    RewriteEngine On
    
    RewriteCond %{HTTP:X-Forwarded-SSL} !on
    RewriteCond %{REQUEST_URI} ^/(wp-admin)
    RewriteRule (.*) https://%{HTTP_HOST}/$1 [L,R=301]
    
    RewriteCond %{HTTP:X-Forwarded-SSL} =on
    RewriteCond %{REQUEST_URI} !^/(wp-admin)
    RewriteRule (.*) http://%{HTTP_HOST}/$1 [L,R=301]
    

    If you have problems with the above, you can try this also:

    RewriteEngine On
    RewriteBase /
    
    RewriteCond %{HTTPS} off
    RewriteCond %{REQUEST_URI} ^/wp-admin
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
    
    RewriteCond %{HTTPS} on
    RewriteCond %{REQUEST_URI} !^/wp-admin
    RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]