Force Non-SSL (http) on particular page and SSL on all other pages by .htaccess

Question

I'm using Zend-Framework and below are the code of my htaccess.

rewriteEngine On

RewriteCond %{HTTPS} =off
RewriteRule ^(.*)$ https://www.mysite.co/$1 [R=301,L] 
RewriteCond %{http_host} ^mysite.co [NC]
RewriteRule ^(.*)$ https://www.mysite.co/$1 [R=301,L] 

RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ index.php [NC,L]

Now I want to force http on mysite.co/news/* and https on all other pages. So how can i apply rule?

Answer 1

You can define your controller and action and put this code into that condition, for that you can use bootstrap of zend framework.

like:

if($_SERVER['SERVER_PORT'] == '443') {
    header('Location: http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
    exit();
}

Or you can use this bootstrap method

protected function _initForceSSL() {
    if($_SERVER['SERVER_PORT'] == '443') {
        header('Location: http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
        exit();
    }
}

Answer 2

There exists the isSecure() function that lets you know if it is a https request (true) or http (false).
You can try to go through a plugin like this to redirect your query:

class Application_Plugin_SSL extends Zend_Controller_Plugin_Abstract
{

    public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request){

      if (!$request->isSecure()){ // -> not https

            $request->setModuleName('yourmodule')
                    ->setControllerName('yourcontrolle')
                    ->setActionName('youraction')
                    ->setDispatched(true) ;
      }
    }
}