htaccess：强制所有页面上的http和所选目录上的https

I have the following:

我有以下内容：

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} protected [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]

RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !protected [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [L,R=301]

If the directory is called "protected", make sure that the user is using https. If the directory is anything except "protected", make sure the user is using http.

如果目录名为“protected”，请确保用户使用https。如果目录是除“protected”之外的任何内容，请确保用户正在使用http。

This works great, but how do I specify additional directories?

这很好用，但如何指定其他目录？

Also, is there a way this can be accomplished without having to specify directories twice? One time for including it and one time for excluding it?

此外，有没有一种方法可以实现这一点，而无需两次指定目录？一次包括它和一次排除它？

Thanks!

谢谢！

UPDATE

UPDATE

Although my "protected" folder was forced to use https due to my rules, any references to images, stylesheets, and javascripts that were not in the "protected" folder were still being redirected to http. This causes the "protected" page to only be partially secure. Adding the following prior to the redirect code solves this:

虽然由于我的规则，我的“受保护”文件夹被强制使用https，但是对“不受保护”文件夹中的图像，样式表和javascripts的任何引用仍然被重定向到http。这导致“受保护”页面仅部分安全。在重定向代码之前添加以下内容可解决此问题：

RewriteRule \.(css|gif|jpe?g|js|png|swf)$ - [L]

2 个解决方案

#1

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} protected [NC,OR]
RewriteCond %{REQUEST_URI} protected2 [NC,OR]
RewriteCond %{REQUEST_URI} protected3 [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]

RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !protected [NC]
RewriteCond %{REQUEST_URI} !protected2 [NC]
RewriteCond %{REQUEST_URI} !protected3 [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [L,R=301]

you can use OR to add more options!

您可以使用OR添加更多选项！

Here is more detail on mod_rewrite conditions: http://httpd.apache.org/docs/current/mod/mod_rewrite.html#RewriteCond

以下是有关mod_rewrite条件的更多详细信息：http：//httpd.apache.org/docs/current/mod/mod_rewrite.html#RewriteCond

#2

I do it in the vhost configuration (LocationMatch is not available in the htaccess, but that way you can make sure you never accidentally remove it):
(Note: replace __SERVER__ with your server, it is not automatic.)

我在vhost配置中这样做（在htaccess中没有LocationMatch，但是你可以确保你不会意外删除它）:(注意：将__SERVER__替换为你的服务器，它不是自动的。）

<VirtualHost *:80>
    ...
    <LocationMatch "(.*(p|P)hpMyAdmin.*)">
        RedirectPermanent / https://__SERVER__/
    </LocationMatch>
</VirtualHost>
<VirtualHost *:443>
    ...
    <LocationMatch "!(.*(p|P)hpMyAdmin.*)">
        RedirectPermanent / http://__SERVER__/
    </LocationMatch>
</VirtualHost>

I have never tested the second scenario (redirect to non-secure) but it should work (not sure about the ! placement).
I have not yet found a good way to not specify them twice, but it is easy enough to copy the single line regex for the LocationMatch

我从来没有测试过第二种情况（重定向到非安全）但它应该工作（不确定！放置）。我还没有找到一个不指定它们两次的好方法，但很容易为LocationMatch复制单行正则表达式

#1

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} protected [NC,OR]
RewriteCond %{REQUEST_URI} protected2 [NC,OR]
RewriteCond %{REQUEST_URI} protected3 [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]

RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !protected [NC]
RewriteCond %{REQUEST_URI} !protected2 [NC]
RewriteCond %{REQUEST_URI} !protected3 [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [L,R=301]