I'm looking for a little guidance here in setting up my .htacces and/
or httpd.conf files. I've got a single Rails app that happens to have
two domains pointing to it...let's say www.domain1.com and www.domain2.com.
www.domain2.com has an SSL certificate associated with it, so any
request can be made via http or https and this seems to be working
fine (domain1.com can only be accessed via http).
My problem is that I need all actions for a particular controller
(registration) to be encrypted. The possible actions are:
If any requests are made to http://www.domain1.com/registration/<action>
(1st domain, un-encrypted) or http://www.domain2.com/registration/<action>
(2nd domain, un-encrypted) then they should be forwarded to
https://www.domain2.com/registration/<action> (2nd domain, encrypted).
Any other request (to any controller OTHER THAN the registration
controller) should be forwarded to http://www.domain1.com/controller/<action>.
At this point, the SSL seems to be set up just fine...I can go to
https://www.domain2.com and get a secure page. However there's nothing
keeping me from just changing the protocol to http in the address bar
or changing the whole address to http://www.domain1.com and just
bypassing the SSL encryption entirely.
Any thoughts? Thanks!