3980c49a34e5418a5a48d6efda8cd3715a091322
By:
mmsa

How to disable SSL for a specific URL

December 27, 2016 164 views
WordPress Apache DigitalOcean Let's Encrypt Ubuntu 16.04

We are extremely pleased with DigitalOcean and the setup for Let's Encrypt when flawlessly. But now we have a problem.

Our Wordpress site, mmsa.org, features a wonderful new national service called The Connectory. This service connects people with STEM activities in our state of Maine and throughout the nation.

Unfortunately, the data provided on our page from The Connectory — currently located at https://mmsa.org/stem-resource-bank/ — isn't providing their data from a secure source. So we need to make that page and every sub-page un-encrypted.

How do we do this?

I've modified .htaccess with every redirect, rewrite, configuration I can find here and on many other forums, but that won't stop this one page from using SSL.

I am under the impression .htaccess isn't the way to go. Instead, I must have to edit the configuration elsewhere.

Here's my .htaccess:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

What I discovered is a file called 000-default-le-ssl.conf appears to be what is responsible for making the site secure.

This is the contents of that file:

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html

        <Directory /var/www/html/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/mmsa.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mmsa.org/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName mmsa.org
</VirtualHost>
</IfModule>

I also have a file called 000-default.conf which looks like this:

<VirtualHost *:80>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html

        <Directory /var/www/html/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =mmsa.org
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

What do I need to change to make all requests of and inside of mmsa.org/stem-resource-bank not use https? I feel like the answer is in front of me but I lack the knowledge or direction as to how to correctly change this information. I also can't find anything on Google that gives a good example to follow.

Thanks!
-Alex

1 Answer

Can you give the link to the non-secure source data? And what is com-api.onl supposed to do?

  • Hello @Woet,
    I'm not certain what that file's mission is, but I've repaired the issue.
    Thanks for your response.
    -Alex

Have another answer? Share your knowledge.