logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Redirecting http to https
Author
cearlp



Joined: 17 Sep 2022
Posts: 1
Location: Clinton

PostPosted: Sat 17 Sep '22 23:26    Post subject: Redirecting http to https Reply with quote

Using Apache 2.4.52 (Ubuntu) and have ServerName as mysite.com and ServerAlias as www.mysite.com in both VirtualHost (*:80 and *:443) descriptions in the
mysite.conf file. I inserted Redirect permanent / https://mysite.com/ in the *:80 portion and everything (https://mysite.com, www.mysite.com and mysite.com) get routed to https except when the URL is http://mysite.
Is this as designed or is there something I am missing?
Back to top
Otomatic



Joined: 01 Sep 2011
Posts: 150
Location: Paris, France, EU

PostPosted: Mon 19 Sep '22 8:51    Post subject: Reply with quote

Hi,

Instead of "Redirect permanent" I prefer to use :
Code:

  <IfModule ssl_module>
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
  </IfModule>

in the VirtualHost port 80 definition.
Back to top
cent2ap



Joined: 14 Sep 2020
Posts: 6

PostPosted: Tue 18 Oct '22 18:47    Post subject: Reply with quote

I wanted to mention the solution that I'm using, which is based on the Apache documentation.

Code:

RewriteEngine On
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=permanent,L]


1) exclude requests to port 80 for ACME challenges (Let's Encrypt Certificates, etc)

2) Redirect to https

3) Response is a 308 permanent redirect (R=permanent)

4) This is the last rule (L)


Why is this better than the above? First the check for HTTPS!=on is irrelevant, since it is implied that the rule is executed for port 80 traffic, which implies no encryption. Second, we avoid redirecting ACME challenges, which by default use port 80. Finally, we prefer a permanent redirect, else the remote browser will keep hitting this rule over and over again, with 308 the browser will update its cache and all future requests will use HTTPS by default (until the cache is cleared of course).
Back to top


Reply to topic   Topic: Redirecting http to https View previous topic :: View next topic
Post new topic   Forum Index -> Apache