We Keep Coding

Exclude a directory from https redirects

I want to exclude "dir2" directory from my http to https redirect so I added the following htaccess directive:
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} dir2 [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [L,R=301]
and then test it by visiting the following url:
http://example.com/dir2/ok.txt but I was redirected to https://example.com/dir2/ok.txt.
Website is using Opencart 2.x under php5.6, EncryptSSL and Cloudflare's DNS. Cloudflar's Crypto settings are as follows:
SSL: Full(Strict)
Always Use HTTPS: On
Automatic HTTPS Rewrites: On
Here is the full .htaccess: https://pastebin.com/U5k5wj4K
Can you please help me out?

You can not add an htaccess rule. Because in this case, this is only for the exchange between the Cloudflare server and yours.
Add a Cloudflare rule from their control panel:
Cloudflare -> Page Rules -> Create Page Rule
And change the settings for your directory (not Always Use HTTPS and no Automatic HTTPS Rewrites)

Redirecting site for HTTPS

I am trying to redirect my site to always open in HTTPS. I am using CloudFlare and they have a setting to "Always use HTTPS". But there is a page on my website where I do not want to use HTTPS as it opens other websites under an iFrame. And if that page also loads in HTTPS then under iFrame any website whose URL hasn't been mentioned with HTTPS doesn't open. Therefore, for that particular page I want to keep the website to be opened under HTTP.
Things I am doing:
In CloudFlare Crypto settings "Always Use HTTPS" is ON.
Then in my page where I want it to opened under HTTP say surf.php
I am using the following PHP code:
if($_SERVER['HTTP_HOST'] != 'localhost'){
if(isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'on'){
if(!headers_sent()){
header("Status: 301 Moved Permanently");
header(sprintf('Location: http://%s%s',$_SERVER['HTTP_HOST'],$_SERVER['REQUEST_URI']));
exit();
}
}
}
Now the page doesn't open and says "The page isn’t redirecting properly". What should I do? Is there any other method to accomplish this? I want to use HTTPS in whole website so "Always use HTTPS" settings in cloudflare should be ON except just surf.php. What should be the best method here?

It sounds like you are in a redirect loop. Where you have a .htaccess file that forces HTTPS, and then you redirect to HTTP using PHP. Then that new request has all the same rules applied to it so that it gets redirected by .htaccess again to HTTPS, and so on (to infinity)
So I would first make sure your not forcing HTTPS in your .htaccess file. If so you can add a RewriteCond to exclude your URL:
#RewriteEngine On #-- if not included elsewhere
#if HTTPS is not on (then continue)
RewriteCond %{HTTPS} !=on
#add this rule in (if not our page, then redirect to HTTPS)
RewriteCond %{REQUEST_URI} !^/surf\.php$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
When mod rewrite hits a Rewrite condition if it fails (is false) it will disregard the next rewrite rule. So with this in place your PHP code could do it's job, but you can also do this in htaccess alone. Because you will have dependence on the URL in there anyway, I don't see an issue doing it all in the .htaccess file.
This would basically be the opposite of the above except you know the url. Something like this:
#if HTTPS is not on (then continue)
RewriteCond %{HTTPS} !=on
#add this rule in (if not our page, then redirect to HTTPS)
RewriteCond %{REQUEST_URI} !^/surf\.php$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#if HTTPS is not off (then continue)
RewriteCond %{HTTPS}!=off
# (if is our page, then redirect to HTTP)
RewriteCond %{REQUEST_URI} ^/surf\.php$
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I can't really test this though, but that's the general idea. If HTTPS is no off, and the %{REQUEST_URI} is our page !^/surf.php$ redirect to HTTP... Basically you have to punch a hole through the HTTPS rule and then force http.
I am pretty sure with %{REQUEST_URI} you only have to check if it starts with your URL (minus the host and protocal).
I'll admit I'm a bit rusty with complex HTACCESS rules, spoiled by MVC routers, so this may very well not be 100% correct. But the general idea is sound.
Anyway hope it helps.

WordPress NOT redirecting from http to https SSL

I have my WordPress Address (URL) and my Site Address in the WordPress settings as my url: https://example.com/blog but when I type in http://example.com/blog, it doesn't redirect it to the SSL version, even though I have the site address as https.
I disabled all the plugins and switched to the default theme but this still occurs. Any reasons as to why this is happening or solutions?

You still have to redirect 'http' to 'https'.
You have several options, here are a couple:
Option 1
In your .htaccess file you can add:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
Just be sure to change www.example.com to whatever your domain should be (you don't need the www. if you don't want it.)
Option 2
Change your DNS to CloudFlare (free) and change the settings according to this:
https://support.cloudflare.com/hc/en-us/articles/200170536-How-do-I-redirect-all-visitors-to-HTTPS-SSL-
However, if you want to use www. I recommend using two page rules so that you can redirect http to https and add www. in a single redirect. Doing both in a single redirect can be better for SEO. For both page rules, select the setting called "Forwarding URL" and "301" and make the rules as follows:
http://*example.com/*
to
https://www.example.com/$2
and
https://*example.com/*
to
https://www.example.com/$2
This is assuming that you are not using subdomains. If you are, let me know and I can update the answer with rules that will accommodate subdomains.

You forgot to update .htaccess file after installing SSL. So you should add the following code to your .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
After that, for cross-checking regarding your website all pages are properly redirected to https or not, follow steps & use tools mentioned in this resource.

Redirect from http to https ONLY IF https is available

I use an in-house content management system written using PHP and running on Apache and Linux. The CMS has an install routine that automatically creates a .htaccess file that forces the redirect of http to https for all new isntallations. This is all good if https is installed on that domain, but my question is, how can I modify the test so that .htaccess only forwards to https if https is available for that domain?
The important part of the .htaccess file:
# Redirect users from http: to https:
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,QSA]

Okay, well the way to do it is first not to use mod_rewrite (pursing to https://httpd.apache.org/docs/2.4/rewrite/avoid.html) and use Redirect in its place:
Redirect "/" "https://www.example.com/"

Force /news folder to HTTP in .htaccess

We have a section of our site which uses https to login securely, however when you visit this page and click away, you continue to view the site in HTTPS. This causes display issues on any pages using the http://www.domain.com/news/ URL.
How can we force all pages under the http://www.domain.com/news/ folder to use HTTP rather than HTTPS?

It's the opposite of requiring https, so with the condition of https on, rewrite this specific dir with deeper path to the http version.
RewriteEngine on
RewriteCond %{HTTPS} on
RewriteRule ^news/(.*) http://%{SERVER_NAME}/news/$1 [L]
Instead of SERVER_NAME, you can use HTTP_HOST when your site is accessed with a server-alias and you don't want to change that.
Be aware that links to https-requiring pages should be use https explicitly, or have a rewrite-rule of their own.

Place this 301 redirect rule in /news/.htaccess:
RewriteEngine on
RewriteBase /news/
RewriteCond %{HTTPS} on
RewriteRule ^ http://%{HTTP_HOST}/%{REQUEST_URI} [L,R=301,NE]