How to exclude a post from SSL?

Hi @babakprs, you can try to disable all redirects to https in Really Simple SSL, then add to your .htaccess:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
#this line may be different on other servers
RewriteCond %{REQUEST_URI} !/your-page #add your excluded page here
RewriteCond %{HTTP_HOST} ^domain.com [OR]
RewriteCond %{HTTP_HOST} ^www.domain.com
RewriteRule ^(.*)$ https://%{HTTP_HOST}%/$1 [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

Not sure if browsers will allow the redirect to http. It might need some tweaking.

Thank you Rogier.
Do I need to modfiy ^domain.com & ^www.domain.com in to my domain?
Because if I don’t do that, then http site does not redirect to https at all!
And if I modify ^domain.com & ^www.domain.com to my domain, then I get the below error:
This page isn’t working
mydomain.com sent an invalid response.
ERR_INVALID_REDIRECT

Can it be because the SSL is from Cloudflare?

• This reply was modified 2 years ago by Babak.

Yes, you need to adjust the domain.

Can you please elaborate?
SSL is “Flexible”, “Always Use HTTPS” is off, “Automatic HTTPS Rewrites” is off.
Is there anything else that I’m missing?

• This reply was modified 2 years ago by Babak.

BTW, when I check the redirection, I can see there is a redirection, which looks something like below:

https://mydomain.com/ —>HTTP/1.1 301 Moved Permanently—> https://mydomain.com%/

If the above SSL setting with Cloudflare are okay, then as you can see there is “%” after “.com”, which probablay causing the issue.
Do you have any idea hot to remove it?

I think in the above code you need to change
https://%{HTTP_HOST}%/$1

into
https://%{HTTP_HOST}/$1

This caused loop redirection.
I can see if i activate the .htaccess redirect method, then I have the bellow code in the .htaccess file:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:CF-Visitor} ‘”scheme”:”http”‘
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
Isn’t is possible to modify this code in order to redirect my post (URL:https://mydomain.com/mypost01/) to HTTP from the HTTPS site?

• This reply was modified 2 years ago by Babak.
• This reply was modified 2 years ago by Babak.

Maybe something like this (the quotes seem to have been mangled by the editor, take care with copy pasting):

to exclude ‘your-page’ from redirect to https:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:CF-Visitor} ‘”scheme”:”http”‘
RewriteCond %{REQUEST_URI} !/your-page #add your excluded page here
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>

To add a redirect to http for this ‘your-page’ only

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:CF-Visitor} ‘”scheme”:”https”‘
RewriteCond %{REQUEST_URI} /your-page #add your excluded page here
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>

Thank you Rogier, but by adding the page URI

RewriteCond %{REQUEST_URI} /ava-family

as

`<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:CF-Visitor} ‘”scheme”:”http”‘
RewriteCond %{REQUEST_URI} /ava-family
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>`

the totall redirection of HTTP to HTTPS stops!

Also the second code, causes redirection loop for that page!

Sorry, please ignore my above reply. It was my bad and I made a mistake.

However, still the problem exists!
So, I disabled redict in Really Simple SSL.
Then I added the below code to the htaccess file:

#Begin Really Simple Security
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:CF-Visitor} '"scheme":"http"'
RewriteCond %{REQUEST_URI} !/ava-family
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:CF-Visitor} '"scheme":"http"'
RewriteCond %{REQUEST_URI} /ava-family
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>

Now, all the HTTP to HTTPS redirects work well, but for the requested page:
1. The HTTPS doesn’t redirect to HTTP and it opens with HTTPS.
2. If I remove https and enter to the page, then there is a redirect loop.

Am I missing something?

It is possible you need to set your site url and home url to http for this to work. Otherwise WordPress will probably redirect to https anyway.

I just tried what you said (setting site url and home url to http), but exacly the same Scenario happened:
All site’s HTTP to HTTPS redirections work well, but for the requested page:
1. The HTTPS doesn’t redirect to HTTP and it opens with HTTPS.
2. If I remove https and enter to the page, then there is a redirect loop.

Even I tried to uninstall your plugin and just to keep the same code in the htaccess file, but there was no diffrence in the above Scenario!

Please also check if your site has the http strict transport security or upgrade insecure requests header. Those headers need to be removed if present.

• This reply was modified 2 years ago by Rogier Lankhorst.
• This reply was modified 2 years ago by Rogier Lankhorst.