|
http > https for 1 of 6 sites
here goes...
first: production box is fc4 (yea it's old but it works good), kernel 2.6.17-1.2142_FC4, Apache 2.0.54, php 5.0.4-10.5, running 6 websites, mail, SSH, ssl, etc... everything is working fine. ONE of the sites has a secure Cert. and works fine on port 443 when you type HTTPS://... but shows apache 404 error page when http:// as the address. my question: how do I make apache redirect all http port 80 request, FOR THIS SITE ONLY to HTTPS port 443. before you say it.. I've tried: RewriteEngine On RewriteCond %{SERVER_PORT} !443 RewriteRule (.*) https://www.securesite.com/ [R] and Redirect permanent / https://www.securesite.com/ in the httpd.conf file but apache wants to redirect ALL 6 site to HTTPS://www.securesite.com/ (not good... hahaha) I tried adding both of the above (one at a time, hahaha) to a .htaccess file in the public dir and also as directives in the <VirtualHost> section of httpd.conf, FOR THE SITE, but still got the apache 404 page... I've also tried making "auto-redirect" and "be safe - click here" error pages with: ErrorDocument 404 /go2secure.html then: ErrorDocument 404 /var/home/public_html/error/go2secure.html in both files (httpd.conf and .htaccess) but still got the apache 404 page... (go2secure.htm never loaded/displayed in the browser) all checks were tried with both IE and Foxfire... any suggestions would be great... hivtop "to bad there are so many hackers cuz windows would be so much easier"... hahaha |
The short answer is you cannot do this. HTTP is a protocol that transmits data in the clear from requestor to server and back. The HTTPS protocol first establishes a secure connection, and then transmits data in both directions across that channel. If you were successful in redirecting the traffic to the "wrong" port, the browser and the server would disagree (violently) on the protocol to observe.
In order for Apache to respond correctly to connection requests, it must receive HTTP traffic on one port, and HTTPS traffic on a different port. By default, these are 80 and 443, respectively. Unfortunately, the details of the HTTPS protocol require that the client and server set up an encrypted channel before any data is exchanged, including the site URL being requested; this means that only one secure website can be supported in any meaningful way per IP address. Details are available via a Google search, if you want them. If what you want to do is to have both kinds of access to (mostly) the same pages, then the cleanest way to do this is to configure two virtual hosts with the same DocumentRoot, (one listening on port 80 and the other on port 443) and then include any additional directories in the HTTPS virtual host using the <Directory> tag. In order to keep HTTPS requests made from other sites out of your special site, declare another virtual host that listens on port 443 before the declaration of the special site. That way, if the site name requested does not match your special site, Apache will take the default action, which is to use the first virtual host listed in the configuration. This trapping virtual host can just point to a single page that says, in effect, "Don't bother me; there is no HTTPS support for this site". A side effect of this scheme is that (because of the one-site-per-IP rule, the requestor will get a copy of the certificate for your special site, and it should complain to its user that the certificate received does not match the site requested. If my wild guess about what you are trying to achieve is way off the mark, let us know what, in fact, you are attempting to do, and perhaps a solution to your problem will appear. Good luck. |
| All times are GMT -5. The time now is 10:53 AM. |