Wednesday, June 10, 2009

Permanently redirect your client to https using apache webserver

If your webserver has no problem with https service, this is a working solution that I found to permanently redirect your visitors (clients) to https port of your webserver. I found many solutions but this one worked for me as I tested it. Why permanent secure connection? This is really important for applications that need higher security to protect your data. For more info on this topic please google. :)

These 3 lines are needed to put in /etc/httpd/conf/httpd.conf :

RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

Where to put them? Search Directory directive in httpd.conf. Below is sample from httpd.conf
on Mandriva.


# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.

Options -Indexes FollowSymLinks MultiViews

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit Indexes

AllowOverride None

# Controls who can get stuff from this server.
Order allow,deny
Allow from all



After putting those 3 lines:


RewriteEngine On
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.

Options -Indexes FollowSymLinks MultiViews

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit Indexes

AllowOverride None

# Controls who can get stuff from this server.
Order allow,deny
Allow from all
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]



So now test it. Should be ok. If not, check the log and troubleshoot.

That's the whole ball of wax.

4 comments:

Anonymous said...

ok..i've tried this one before..trying to put apache in front using ssl for another application..i end up using stunnel for the ssl :p

gotta try this configuration.

thanx bro

Zamri said...

Pls post here your result. thanks in advance.

Unknown said...

it works! thanks for you advise. mandriva 2010 ignore .htaccess file i think.
you save mi couple days of my life.
tomek

Zamri said...

Thanks for the feedback tomasz. Glad it worked for you. :)

Renew letsencrypt ssl certificate for zimbra 8.8.15

 Letsencrypt certs usually consists of these files: 1. cert.pem 2. chain.pem 3. fullchain.pem 4. privkey.pem I am not going to discuss about...