Apache mod_rewrite - Redirect to HTTPS except one friendly URL (Controller)

Question

I have a website that needs to force HTTPS except when a particular URL begins with a pattern.

The problem is I have a redirection to index.php to load a PHP Controller in my system. When it redirects to index.php rewrite rules are applied again but %{REQUEST_URI} becomes index.php after the redirection and URL that can use http is redirected to https.

Is there a way around that ? Maybe not reading the rules again after internal redirection or keeping REQUEST_URI the same.

RewriteEngine On
RewriteCond %{REQUEST_URI} !^/ok_with_http
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

RewriteCond %{REQUEST_FILENAME} !-f 
RewriteCond %{REQUEST_FILENAME} !-d 
RewriteRule .* index.php [QSA,L]

Answer 1

%{THE_REQUEST} could be used instead of %{REQUEST_URI} to test the original request even after internal redirect to index.php .

According to the manual:

THE_REQUEST

The full HTTP request line sent by the browser to the server (eg, GET /index.html HTTP/1.1 ). This does not include any additional headers sent by the browser. This value has not been unescaped (decoded), unlike most other variables below.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{THE_REQUEST} !^[A-Z]+\ /ok_with_http(/\S*)?\s
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

RewriteCond %{REQUEST_FILENAME} !-f 
RewriteCond %{REQUEST_FILENAME} !-d 
RewriteRule .* index.php [QSA,L]

See answer that I used as a reference.