If your webserver has no problem with https service, this is a working solution that I found to permanently redirect your visitors (clients) to https port of your webserver. I found many solutions but this one worked for me as I tested it. Why permanent secure connection? This is really important for applications that need higher security to protect your data. For more info on this topic please google. :)
These 3 lines are needed to put in /etc/httpd/conf/httpd.conf :
RewriteEngine onSo now test it. Should be ok. If not, check the log and troubleshoot.
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
Where to put them? Search Directory directive in httpd.conf. Below is sample from httpd.conf
on Mandriva.
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.
Options -Indexes FollowSymLinks MultiViews
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit Indexes
AllowOverride None
# Controls who can get stuff from this server.
Order allow,deny
Allow from all
After putting those 3 lines:
RewriteEngine On
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.
Options -Indexes FollowSymLinks MultiViews
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit Indexes
AllowOverride None
# Controls who can get stuff from this server.
Order allow,deny
Allow from all
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
That's the whole ball of wax.
4 comments:
ok..i've tried this one before..trying to put apache in front using ssl for another application..i end up using stunnel for the ssl :p
gotta try this configuration.
thanx bro
Pls post here your result. thanks in advance.
it works! thanks for you advise. mandriva 2010 ignore .htaccess file i think.
you save mi couple days of my life.
tomek
Thanks for the feedback tomasz. Glad it worked for you. :)
Post a Comment