• Home »
  • Insights »
  • LiteSpeed Web Server: Redirect All Web Traffic to HTTPS Except One Directory Or URL

LiteSpeed Web Server: Redirect All Web Traffic to HTTPS Except One Directory Or URL

LiteSpeed web server uses the same Rewrite engine that Apache uses so most of the information you will findĀ  on the Internet relates to Apache and not LiteSpeed. One of the projects I am working on redirects all web traffic that hits each virtual host from HTTP to HTTPS without exception. Recently it came up that we needed to do some API testing with a company that wanted to test on a development server to HTTP and not HTTPS. So I needed to figure out how to exclude a specific directory from our HTTPS Redirect Rule on one specific virtual host which turns out is really easy. Below I describe how to send all traffic except one directory to HTTPS via the LiteSpeed web admin.

Exclude One Directory or URL From A Site Wide HTTPS Redirect:

If your domain is www.securedomain.com and anyone that visits that site should be redirected from http://www.securedomain.com to https://www.securedomain.com then you would use a statement similar to the below in the virtual host configuration on LiteSpeed. You can modify the Rewrite Rules on LiteSpeed by opening the LS web admin interface, selecting Configuration in the top navigation menu, selecting Virtual Hosts from the drop down, clicking the virtual host you want to modify, and then clicking on the Rewrite tab underneath the virtual host settings. Make sure Enable Rewrite is set to Yes and then click Edit in the right corner of Rewrite Rules to modify the rules.

Redirect All Virtual Host Traffic To HTTPS:

RewriteCond %{HTTPS} !on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

Now add the below RewriteCond to exclude the directory you want visitors to be able to view with HTTP without being redirected to HTTPS.

Exclude One Directory From HTTPS Redirect:

RewriteCond %{HTTPS} !on
RewriteCond $1 !^/notsecure
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

The above will redirect all traffic to http://www.securedomain.com to https://www.securedomain.com except for traffic to http://www.securedomain.com/notsecure. You can add as many directories as you want to exclude from the redirect by adding multiple RewriteCond lines. The same concept can apply to files with a slight modification to the RewriteCond rule.


List Price: $44.99 USD
New From: $2.55 USD In Stock
Used from: $0.01 USD In Stock


List Price: $39.99 USD
New From: $3.50 USD In Stock
Used from: $0.01 USD In Stock

Share