Can't get secure pages to secure any page

I don't know if this will be helpful at all, since my server is running IIS, not Apache. But I found, as you did, that Secure Pages was not securing anything. Worse, when the "Switch back to http pages when there are no matches" box was checked, any attempt to load a non-secure page resulted in an infinite loop of redirects.

Several of the functions in securepages.module appear to expect boolean values for $_SERVER['HTTPS'], but the values being supplied on my server were the strings "on" and "off." Making the necessary changes to these functions seems to have cleared everything up.

I'm using drupal 5.7 on php 5 + apache and I can't get it to secure any pages either. https is working fine if I type that address in, but the secure pages module doesn't seem to affect anything at all.

Looking at Posco's #1 comment above, I checked and my server doesn't mention the $_SERVER['HTTPS'] variable in the PHP Variables section either - I assume this is a requirement?

I've tried 5.x 1.6 and the current dev download, no joy.

The problem seems to be in the settings.
I set it to "Make secure every page except the listed pages" and didn't put any pages in the field. The result was as mentioned above.

Then I've reversed it to "Make secure only the listed pages." and put a * in the field.
Result: All pages are redirected to https.

Hope that helps.

This may not solve everyone's problem, but it sure solved mine. I've discovered, after looking at the code, that secure pages is only going to force the browser over to https:// if the page that is being loaded exists in the menu system. In other words, if you have a site that you create a bunch of page content types on, and you are not using the Drupal menu system to create links to those pages, then Secure Pages will never try to force it over to SSL. Why wouldn't you use Drupal's menu system to create links to pages, you ask? In my case, we've created a special drop down 'menu' in a block thats just static HTML code linking to various pages.

Again, don't know how helpful this will be to anyone but me, but I wanted to get it out there.

Thanks,
-Greg

bkoether's solution worked for me. Thanks

I was also having this problem with Drupal 6.

bkoether's solution worked for me as well, but I had to disable FCK editor on the Secure Pages settings page first. With FCK editor active on the page, it was automatically adding a paragraph tag to the wildcard. Everything worked once I was able to delete the tag.

I just had the same issue but with a fat error. The problem in my installation is that $_SERVER['https'] is not present when not secure. The code in securepages.module is testing for $_SERVER['https'] being on, but perhaps it would be better to first test if it is set at all:

securepages.module: 29

  elseif ($page_match && !isset($_SERVER['HTTPS'])) {
    securepages_goto(TRUE);
  }

A further nested if could test for it being off if necessary (not in my case).

bkoether's solution worked for me in Drupal 5.x as well, thanks.

This is a completely new version which has been ported to 6.x again.

If this is still an issue, please resubmit.

#4 fixed this problem for me while running 6.x-1.8... is there a fix for this?

That worked for me. I did not want all those pages on the navigation, but all I had to do was place them there as sub-menu item on a disabled item. Thanks for posting that.