apache - How do you redirect HTTPS to HTTP?


Translate

How do you redirect HTTPS to HTTP?. That is, the opposite of what (seemingly) everyone teaches.

I have a server on HTTPS for which I paid an SSL certification for and a mirror for which I haven't and keep around for just for emergencies so it doesn't merit getting a certification for.

On my client's desktops I have SOME shortcuts which point to http://production_server and https://production_server (both work). However, I know that if my production server goes down, then DNS forwarding kicks in and those clients which have "https" on their shortcut will be staring at https://mirror_server (which doesn't work) and a big fat Internet Explorer 7 red screen of uneasyness for my company.

Unfortunately, I can't just switch this around at the client level. These users are very computer illiterate: and are very likely to freak out from seeing HTTPS "insecurity" errors (especially the way Firefox 3 and Internet Explorer 7 handle it nowadays: FULL STOP, kind of thankfully, but not helping me here LOL).

It's very easy to find Apache solutions for http->https redirection, but for the life of me I can't do the opposite.

Ideas?


All Answers
  • Translate

    This has not been tested but I think this should work using mod_rewrite

    RewriteEngine On
    RewriteCond %{HTTPS} on
    RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}
    

  • Translate

    Keep in mind that the Rewrite engine only kicks in once the HTTP request has been received - which means you would still need a certificate, in order for the client to set up the connection to send the request over!

    However if the backup machine will appear to have the same hostname (as far as the client is concerned), then there should be no reason you can't use the same certificate as the main production machine.


  • Translate

    Based on ejunker's answer, this is the solution working for me, not on a single server but on a cloud enviroment

    Options +FollowSymLinks
    RewriteEngine On
    RewriteCond %{ENV:HTTPS} on
    RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    

  • Translate

    For those that are using a .conf file.

    <VirtualHost *:443>
        ServerName domain.com
        RewriteEngine On
        RewriteCond %{HTTPS} on
        RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}
    
        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/domain.crt
        SSLCertificateKeyFile /etc/apache2/ssl/domain.key
        SSLCACertificateFile /etc/apache2/ssl/domain.crt
    
    </VirtualHost>
    

  • Translate

    If none of the above solutions work for you (they did not for me) here is what worked on my server:

    RewriteCond %{HTTPS} =on
    RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [L,R=301]
    

  • Translate

    all the above did not work when i used cloudflare, this one worked for me:

    RewriteCond %{HTTP:X-Forwarded-Proto} =https
    RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    

    and this one definitely works without proxies in the way:

    RewriteCond %{HTTPS} on
    RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    

  • Translate

    It is better to avoid using mod_rewrite when you can.

    In your case I would replace the Rewrite with this:

        <If "%{HTTPS} == 'on'" >
                Redirect permanent / http://production_server/
        </If>
    

    The <If> directive is only available in Apache 2.4+ as per this blog here.


  • Translate

    this works for me.

    <VirtualHost *:443>
        ServerName www.example.com
        # ... SSL configuration goes here
        Redirect "https://www.example.com/" "http://www.example.com/"
    </VirtualHost>
    
    <VirtualHost *:80>
        ServerName www.example.com
        # ... 
    </VirtualHost>
    

    be sure to listen to both ports 80 and 443.


  • Translate

    None of the answer works for me on Wordpress website but following works ( it's similar to other answers but have a little change)

    RewriteEngine On
    RewriteCond %{HTTPS} on
    RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    

  • Translate

    As far as I'm aware of a simple meta refresh also works without causing errors:

    <meta http-equiv="refresh" content="0;URL='http://www.yourdomain.com/path'">