Skip to content

Redirect admin area requests to HTTPS

Create a redirect rule to redirect requests for the administration area of `store.example.com` to HTTPS, keeping the original path and query string.

This example dynamic redirect for zone example.com will redirect requests for the administration area of a specific subdomain (store.example.com) to HTTPS, keeping the original path and query string.

Example

When incoming requests match

  • Field: SSL/HTTPS
  • Value: Off

And

  • Field: Hostname
  • Operator: equals
  • Value: store.example.com

And

  • Field: URI Path
  • Operator: starts with
  • Value: /admin

If you are using the Expression Editor, enter the following expression:
(not ssl and http.host eq "store.example.com" and starts_with(http.request.uri.path, "/admin"))

Then

  • Type: Dynamic
  • Expression: concat("https://", http.host, http.request.uri.path)
  • Status code: 301
  • Preserve query string: Enabled

The rule includes SSL/HTTPS: Off (not ssl in the rule expression) to avoid redirect loops.

For example, the redirect rule would perform the following redirects:

Request URLTarget URLStatus code
http://store.example.com/admin/products/https://store.example.com/admin/products/301
https://store.example.com/admin/products/(unchanged)n/a
http://store.example.com/admin/?logged_out=truehttps://store.example.com/admin/?logged_out=true301
http://store.example.com/?all_items=true(unchanged)n/a
http://example.com/admin/(unchanged)n/a