0

I have an application on a lamp stack. The application uses let's encrypt SSL certs for https. One function of the application is to allow users to embed certain content in an iframe on other sites.

Using the Let's Encrypt certification script, I have forced all traffic to redirect to https. I am hoping to allow the embed paths to be http or https.

Here's my virtual host conf file:

# file: /etc/apache2/sites-available/mysite.com.conf
<VirtualHost *:80>

  ServerAdmin me@server.com
  ServerName mysite.com

  DocumentRoot /var/www/mysite.com

  <Directory />
    Options FollowSymLinks
    AllowOverride None
  </Directory>

  <Directory /var/www/mysite.com>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    Allow from all
  </Directory>

  # Log file locations
  LogLevel warn
  ErrorLog ${APACHE_LOG_DIR}/mysitecom_error.log
  CustomLog ${APACHE_LOG_DIR}/mysitecom_access.log combined

  RewriteEngine on
  RewriteCond %{SERVER_NAME} =mysite.com
  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

</VirtualHost>

I would like to add a condition like this:

If URI begins with: embed/video
Do not redirect to https. Allow either http or https for this path.

While keeping all other traffic redirecting to https.

ymdahi
  • 103
  • 4

1 Answers1

0

The rewrite conditions for a particular rule are logically ANDed together to determine if the rule should be applied. You can use ! to negate a condition. You should be able to do something like

RewriteEngine on
RewriteCond %{SERVER_NAME} =exmple.com
RewriteCond %{REQUEST_URI} !^/embed/video
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

If the server name is example.com and the request URI does not begin with /embed/video then redirect to https.

user9517
  • 114,104
  • 20
  • 206
  • 289