Magento在所有页面上使用HTTPS

时间:2014-03-24 22:24:50

标签: .htaccess http magento mod-rewrite https

我的网站www.bambinies.co.uk上有SSL。

我只希望结帐页面要求https,目前我在每个使用不安全基本网址(http)的网页上都会收到500内部服务器错误。

我认为我的.htaccess强制每个页面都有https路径,这里是文件:

RewriteCond %{HTTP_USER_AGENT} MJ12bot
RewriteRule .* - [F]
RewriteCond %{HTTP_USER_AGENT} 80legs [NC]
RewriteRule ^ - [F]

AddType image/svg+xml svg svgz
AddEncoding gzip svgz
AddType text/x-component .htc
DirectoryIndex index.php 

php_value memory_limit 512M 
php_value max_execution_time 18000 
php_flag magic_quotes_gpc off 
php_flag session.auto_start off 
php_flag suhosin.session.cryptua off 
php_flag zend.ze1_compatibility_mode Off 


RewriteCond %{HTTP_HOST} !^www.bambinies.co.uk$ [NC]
RewriteRule ^(.*)$ http://www.bambinies.co.uk/$1 [R=301,L]

RewriteCond %{THE_REQUEST} ^.*/index.php
RewriteRule ^(.*)index.php$ http://www.bambinies.co.uk/$1 [R=301,L]

redirect 301 /home http://www.bambinies.co.uk

Options +FollowSymLinks
RewriteEngine on
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_URI} !^/(media|skin|js)/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule .* index.php [L]


SetOutputFilter DEFLATE
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
Header append Vary User-Agent env=!dont-vary
php_flag zlib.output_compression on


SetOutputFilter DEFLATE 

SSLOptions StdEnvVars 
Header unset ETag
Header unset Last-Modified

SecFilterEngine Off 
SecFilterScanPOST Off

AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
Header append Vary User-Agent env=!dont-vary


mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.* 

ExpiresActive On
ExpiresDefault "access plus 1 seconds"
ExpiresByType text/html "access plus 1 seconds"
ExpiresByType image/gif "access plus 2592000 seconds"
ExpiresByType image/jpeg "access plus 2592000 seconds"
ExpiresByType image/png "access plus 2592000 seconds"
ExpiresByType text/css "access plus 604800 seconds"
ExpiresByType text/javascript "access plus 216000 seconds"
ExpiresByType application/x-javascript "access plus 216000 seconds"

AddType audio/mp4 m4a f4a f4b
AddType audio/ogg oga ogg

AddType application/javascript                      js jsonp
AddType application/json                            json

AddType video/mp4                                   mp4 m4v f4v f4p
AddType video/ogg                                   ogv
AddType video/webm                                  webm
AddType video/x-flv                                 flv

AddType application/font-woff                       woff
AddType application/vnd.ms-fontobject               eot                         
AddType application/x-font-ttf                      ttc ttf
AddType font/opentype                               otf

AddType application/octet-stream                    safariextz
AddType application/x-chrome-extension              crx
AddType application/x-opera-extension               oex
AddType application/x-shockwave-flash               swf
AddType application/x-web-app-manifest+json         webapp
AddType application/x-xpinstall                     xpi
AddType application/xml                             atom rdf rss xml
AddType image/webp                                  webp
AddType image/x-icon                                ico
AddType text/cache-manifest                         appcache manifest
AddType text/vtt                                    vtt
AddType text/x-component                            htc
AddType text/x-vcard                                vcf


AddCharset utf-8 .atom .css .js .json .rss .vtt .webapp .xml

FileETag None

AddDefaultCharset Off
#AddDefaultCharset UTF-8

BrowserMatch MSIE best-standards-support
Header set X-UA-Compatible IE=8 env=best-standards-support

Order allow,deny
Allow from all

如何在所有网页上设置网站不使用https?

2 个答案:

答案 0 :(得分:0)

按照以下步骤操作所有页面的有效https 

Step1: change the base secure and unsecure url from  admin>system>Configuration>General>Unsecure and Secure to https://www.bambinies.co.uk 
Step2:Use Secure URLs in Frontend makes yes under secure tab
Step3: add the below code  in htaccess file

    RewriteCond %{SERVER_PORT} 80 
   RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]
    after RewriteEngine on

答案 1 :(得分:0)

基本网址有两种类型。安全和不安全。似乎您已为正常或不安全的网址添加了https。请检查您的管理员面板或数据库表core_config_data。

相关问题
最新问题