Disable SSL for Single sub-Directory inside public_html


I am running my website with Opencart. my site was non-ssl before, I had HTML code in the description of all 10,000 products listed on my Opencart website and that HTML code was using a flash file which was stored in a sub-folder, so the path is something like this;


Now I have installed SSL, everything works fine but that particular HTML code in all 10,000 products cannot find the file inside a sub-folder abcd, this is because now the path should be


But i can’t change the path in all 10,000 products. So I decided to exclude this subfolder “abcd” from SSL

I am not a script developer and do not understand how to write new rules for .htaccess at all. I would really appreciate i you could please guide me thought step by step simple instructions with an easy example or a code line which i can just copy and paste to .htaccess file and it should start working.

Any help would be much appreciated by this layman.

Hi @shahid,

There might be several other ways to accomplish this. The most usual one is to make a redirection rule so that anytime anyone visits any URL like http://www.mydomain.com/abcd/, the web server automatically redirects that visitor to https://www.mydomain.com/abcd/. In that case, old links will still work because the web server will just send the visitor to the secure version of the site. Is there something about your configuration that would prevent this from working?

Another thing is that computers are very, very good at repeating boring tasks over and over again, even when those tasks would be inconceivably dull for a human being. Usually the computer can be told a description of a task and then told how to generalize or iterate that task, and it will happily complete the whole process. A search-and-replace in 10,000 text files is a very typical task of this kind and is probably straightforward for a computer, even though a human being would naturally never want to have to do this. I suspect getting comfortable with methods of automating tasks on computers could alleviate a lot of boredom in a lot of people’s day-to-day work.

Do you perhaps have a directory containing all 10,000 descriptions in individual HTML files? Or are they represented inside a database of some sort? If you can describe how these files are represented, maybe we can find a way to have the computer replace the “http://” with “https://” for you, maybe in just a few seconds. :slight_smile:

If you do want to pursue your original idea, it would be helpful to know more about your setup in terms of what web server you use, how you configure it, and why these files cannot be found at the corresponding http:// paths.

I had non-SSL Opencart website. I have a folder on root called “abcd” there is a flash file in this folder called “my_flash_player.swf”

while creating new products I always placed an HTML code in the description section of product which lets visitors to play an mp3 file for that product and the code was something like that

http://www.mydomain.com/abcd/my_flash_player.swf …play.xyz.mp3…

I have now installed an SSL and this above code stopped showing the flash player.
I tried adding “s”

httpS://www.mydomain.com/abcd/my_flash_player.swf …play.xyz.mp3…

and it works fine like before
but I can’t add https in all 10,000 products,

So if I can exclude the folder “abcd” from SSL terms and the server reads this folder as non-SSL then my code will work all fine.

I just want to make this folder as a non-SSL folder.

Please guide me through.

I am sorry if I couldn;t explain very well as I am not a script developer at all.

if you could generate an .htaccess rule to force a subfolder to non SSL that would make everything back to normal.

I use Ace-host.net hosting, I tried asking them but they suggested me to find a web developer.

I would really appreciate any help.


I don't think that's necessarily correct. There could be many different reasons why it's not working. For example, there's some chance that it might be possible to solve the problem with a crossdomain.xml file:


Would you mind sharing your real domain name and an example product?

I also don't think that's necessarily correct either. If they were all HTML files stored in a single folder, I could tell you one command to run that would change the links to HTTPS in all 10,000 files in a few seconds.

I don't personally know how to do this, so I'm not trying to be evasive about this by not answering that simple question. :slight_smile:

i would also suggest posting this to the OpenCart forum as this is a very specific question to do with OpenCart and others may have come across it


I think this has something todo with the "mixed content" restriction. You cannot bypass this on the server side, because the browser simply does not access non-https ressources while loading a website via https. You will most likely have to change your html in the products. pro tip: use non-protocol-bound urls (//www.mydomain.com/...) instead of specifiying the protocol explicitly (http://www.mydomain.com/...).

The Flash Player also has its own policy about this, which I believe is controlled by that crossdomain.xml file that I mentioned above. If it's the Flash Player enforcing it, it might be possible to override via a crossdomain.xml file.

Thanks schoen for a prompt reply!

Actually I had an HTMl site on www.mydomain.com
then i found Opencart and installoed it at www.mydomain.com/shop as I didn’t want to risk my old website and Opencart products took me months to complete.

Now I have deleted the old HTML pages website from root, and clonned the Opencart installation from www.mydomain.com/shop to the root and then deleted the contents from www.mydomain.com/shop, and then I also have now installed SSL on my root. Everything else works but.

I had folder called “wimpy” inside folder shop
and a file called “wimpy_button.swf” inside the folder shop/wimpy, so the path of this flash file is;


I had this above path pasted in the HTML description of every product I created in the Opencart which enables my products to show a PLAY Audio flash button for visitors.

As I said I have moved my whole Opencart installation to the root out of “shop” folder, I still have kept shop\wimpy\wimpy_button.swf
so that I can still display the PLAY Audiio flash button on each of my products for visitors but the button doesn’t show up any more. I tried to edit this path on one of my products just adding “s”, I mean "https"to experience, the new path now is.


luckily the button showed up on that product on front end.

So this proves either I have to edit the code for all 10,000 products adding “s” which will take me hell of time


I may find a way to exclude “shop/wimpy” folders from being behaving as HTTPS, if this folder becomes back to behaving as “HTTP” only, then my old path with all 10,000 will start working and I will have the PLAY audio flash button available for all the products.

I m sure there must be a solution for that, it may be writing a rule for .htaccess file i don’t know.

if you can help me on that, much appreciate your help.

Based on what you are saying, it sounds more like an issue with the browser. It won’t load an insecure Flash object on a secure page. You can confirm this by checking the Chrome or Firefox developer tools and seeing if there is a notice about this.

If that’s the case, there is no htaccess rule that will fix this issue as it’s a security rule on the browser.

If I fix my browser what would million people do on their browser to browse my website?

It’s not the browser that’s broken, it’s likely that your site is trying to load a Flash object in an insecure manner on a secure site. Also, I’m only speculating since you have not provided your domain for reviewing.

That makes sense. So, how is the product HTML actually stored and what do you do to edit it? The reason I keep asking about this is that there might be a single command you can run that will do the search and replace across all of them. I agree that editing 10,000 things by hand is a huge waste of human effort, but it's exactly the kind of task that computers are very, very good at if you just know the right way to ask them to do it.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.