Recently we had a WordPress site where that used HTTPS (SSL) on the login/admin areas. But we wanted to discourage HTTPS for non-admin URL. Here are the rewrite rules that ended up using in a .htaccess file:
1 2 3 4 5 6 7 |
RewriteEngine On RewriteCond %{HTTPS} on RewriteCond %{REQUEST_URI} !^\/wp\-admin RewriteCond %{REQUEST_URI} !^\/wp\-login.php RewriteCond %{REQUEST_URI} !^\/wp\-includes RewriteCond %{REQUEST_URI} !^\/wp\-content\/plugins RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R,L] |