Https to Http - How to disable ssl on certain pages

khamiss · May 3, 2018, 7:49am

Hi ;

I am having an issue with ssl checkout with my bank gateway, I am getting error if used ssl, since all http headers / responses become encrypted.

any solution ?

Thanks

khamiss · May 3, 2018, 10:12am

okay got the solution; you can find it here

Disabling ssl for one page only
The problem: services that don’t support SSL
I think the best way to go is to get your entire site on SSL. But sometimes there are services that are not really up to date, they don’t provide an SSL certificate on their service.

Especially iframes often cause this problem. Browsers simply won’t load a http iframe on a https site. But even if that were possible, like with images, this wouldn’t be a good idea: mixed content errors, insecure page warnings and so on would flash in front of the user’s eyes, scaring them away. That is why Really Simple SSL changes all these resources to https, forcing them all to load securely.

The result is: when the iframe is loaded over http, the browser blocks it. When the iframe is loaded over https, the browser won’t load it because there’s no SSL certificate.

How to solve this?
In most cases, I would try contacting the service provider to try and get them to start providing a service that supports SSL. Simply adding an SSL certificate resolves it in most cases. If that is not possible, you can try disabling SSL for one page.

Solution with a plugin
To do this, I’ve developed a plugin that handles this for you. You’ll have to deactivate the free plugin, than install Really Simple SSL per page. It will give you the option to enable SSL per page explicitly, or, when you use the “exclude pages” option, to set all pages to SSL, except the pages you have selected.

Manual solution
You can also do it manually:

Step 1:

Activate Really Simple SSL in safe mode
Activate .htaccess redirect in settings/SSL
Enable “stop editing the .htaccess file”
Step 2:

Open your ftp client, like filezilla, and go to the root of your website. Look for the .htaccess file. You may have to enable the “show hidden files” option.

Open this file (make a backup), and look for the

BEGIN rlrssslReallySimpleSSL comment

Some rows below this comment, you will see something like:
RewriteCond %{HTTPS} !=on [NC]

Right after this entry, insert the following:
RewriteCond %{REQUEST_URI} !/your-page

The end result should be something like:

BEGIN rlrssslReallySimpleSSL rsssl_version[2.3.8]

RewriteEngine on RewriteCond %{HTTPS} !=on [NC] #this line may be different on other servers RewriteCond %{REQUEST_URI} !/your-page #add your excluded page here RewriteCond %{HTTP_HOST} ^domain.com [OR] RewriteCond %{HTTP_HOST} ^www.domain.com RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] # END rlrssslReallySimpleSSL

This means the redirect will be used, but not on this page.