i purchased a ssl certificate to protect www.website.com.

but i do not want people access https://website.com and it break my secure connection.

which is the best was when some one access https://website.com, will redirect to https://www.website.com.

Hello,

You could add to an .htaccess file in public_html:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^website\.com$ [NC]
RewriteRule ^(.*)$ https://www.website.com/$1 [R=301,L]Phi1.

You could add to an .htaccess file in public_html:[code]RewriteEngine on
RewriteCond %{HTTP_HOST} ^website\.com$ [NC]
RewriteRule ^(.*)$ https://www.website.com/$1


you mean at private_html.

Yes I did mean private_html, although this would still work in public_html (would redirect http:// to https://) :)

Phi1.

thanks.

btw, i have another problem, went i goto https://website.com, i have been prompt to accept the share server certificate. How can i get rid of that.

"https" is a secure protocol and requires a certificate.

If you use the default certificate on the server you'll get two warnings, one that the cert isn't recognized by your browser, and one that it's not for the right domain name.

You can get rid of the first (but not the second) by buying a certificate to use for the shared cert.

You can get rid of both by either buying a cert for the domain or by buying a shared cert, and then running the secure part of the domain through https://www.sharedcertdomain.com/~username where username is the name of the domain you want protected.

however the latter causes lots of problems of it's own.

Generally if you want a secure site you need to buy a cert.

Jeff

As on my 1 post, i have purchased a ssl certificate for the common name (https:\\)www.website.com. i have install and working very fine on my secure website.

but when people access (https://)website.com, it been prompt by server shared certificate warning and i'm afraid people will go off when see this security warning.

1) i have successfully created .htaccess as your post to redirect users from https://website.com to https://www.website.com
2) i still get the server shared certicate warning on https://website.com and i need get rid of the warning and forward users to https://www.website.com , can i?

Probably not. What I do is buy a cert for "secure.example.com" and tell everyone to go there.

Then if they don't, it's their fault :eek: .

Another possibility is to buy a wildcard cert for example.com, so anything.example.com will work.

That could be expensive, though.

Jeff

thanks jeff. i need what to do now.

Hey,

Redirects/Rewrites work OK if you are going from a http site to a https site...

But, with https, the cert is read/accessed prior to reading any redirects...

So, trying to redirect a user from https://domain.com to https://www.domain.com will still give you a popup.

At least that's been my limited experience.

David

Originally posted by dannygoh
thanks jeff. i need what to do now.
If you've already got a cert for www.example.com, then you have to tell your clients that they need to enter that into their browser.

Or buy another cert.

You cannot tell the cert for example.com to answer to www.example.com, or a cert for www.example.com to answer to example.com, without either buying a wildcard cert, or two certs, or getting the popup.

Jeff