Forcing SSL on signup but removing SSL on non-signup pages

1 Views

I am using wordpress and I have the following two functions defined in wp-config.php: 

define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);

But I am also wanting to force SSL on a signup page of example.com/signup-page however if I navigate to the signup-page then navigate elsewhere on the website it keeps https enabled unless I go to the homepage…

Read More

I want the entire website to be forced to have www. and the force the entire website to be non-SSL with the exception of login forms, admin pages, signup-page and custompage

I tried the following rules: 

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^/?$ http://%{SERVER_NAME}/ [R=301,L]

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(signup-page/.*)$ https://www.example.com/$1 [R=301,L]

But it doesn’t quite work, the signup-page bit works but if I navigate to any other page it keeps the https…

Post Views: 1

Related posts

Leave a Reply

1 comment

  1. Keep these 2 rules as your very first rule:

    RewriteEngine On

RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} s/+(signup-page|example-page) [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} !s/+(signup-page|example-page) [NC]
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI}  [R=301,L]