How do you properly redirect all web client requests from http to https?
I have tried several things (one of which are included in my httpd.conf file below). However, no matter what I try when ever someone trys to get web pages from my server, they are returned using http, rather than https, and I want them returned using SSL. If you type https://www.geoginfo.com you will get to my index.html, and any subsequent page you can access via https://www.geoginfo.com/(the file or directory you want). However I don't want clients to manually have to do this. I would like them to be redirected. So below is my httpd.conf, please let me know what I need to change, or where I am going wrong. Thank you. (If you need more information please let me know)
<-----START HTTPD.conf-----> ### Section 1: General Settings Include conf.d/*.conf ServerTokens OS ServerRoot "/etc/httpd" PidFile run/httpd.pid Listen 192.168.1.1:80 Listen 192.168.1.1:443 <IfModule prefork.c> StartServers 8 MinSpareServers 5 MaxSpareServers 20 ServerLimit 256 MaxClients 256 MaxRequestsPerChild 4000 </IfModule> <IfModule worker.c> StartServers 2 MaxClients 150 MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 MaxRequestsPerChild 0 </IfModule> ### Section 2: Main Settings #Apache Directives User apache Group apache AddType application/x-httpd-php .php .php4 .php5#.html .htm AddHandler php5-script .php TypesConfig /etc/mime.types DefaultType text/plain AddDefaultCharset ISO-8859-1 LogLevel warn #SSL Directives SSLRandomSeed startup file:/dev/urandom 1024 SSLRandomSeed connect file:/dev/urandom 1024 SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) SSLSessionCacheTimeout 300 SSLPassPhraseDialog builtin SSLMutex default SSLCryptoDevice builtin ### Section 3: Virtual Hosts NameVirtualHost 192.168.1.1:80 <VirtualHost www.geoginfo.com:80> RewriteEngine on RewriteCond %{SERVER_PORT} ^80$ RewriteRule ^(.*)$ https://%{www.geoginfo.com}$1 [L,R] RewriteLogLevel 2 ServerAdmin mehoggan@gmail.com ServerName www.geoginfo.com:80 DocumentRoot "/mnt/data/geoginfo" DirectoryIndex index.html index.php ErrorLog logs/error_log <Directory /> Options Indexes FollowSymLinks AllowOverride None </Directory> <Directory "/mnt/data/geoginfo"> Options Indexes FollowSymLinks AllowOverride AuthConfig FileInfo #AllowOverride None Order allow,deny Allow from all </Directory> AccessFileName .htaccess <Files ~ "^\.ht"> Order allow,deny Deny from all </Files> </VirtualHost> NameVirtualHost 192.168.1.1:443 <VirtualHost www.geoginfo.com:443> ServerAdmin mehoggan@gmail.com ServerName www.geoginfo.com:443 DocumentRoot "/mnt/data/geoginfo" DirectoryIndex index.html index.php <Directory /> Options +Indexes FollowSymLinks AllowOverride None SSLRequireSSL </Directory> <Directory "/mnt/data/geoginfo"> Options Indexes FollowSymLinks AllowOverride AuthConfig FileInfo Order allow,deny Allow from all </Directory> AccessFileName .htaccess <Files ~ "^\.ht"> Order allow,deny Deny from all </Files> # SSL Configuration Part ErrorLog logs/ssl_error_log TransferLog logs/ssl_access_log LogLevel warn SSLEngine on SSLOptions +StrictRequire SSLProtocol all +SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /etc/httpd/conf/server.crt SSLCertificateKeyFile /etc/httpd/conf/server.key AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 <Files ~ "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> <Directory "/var/www/cgi-bin"> SSLOptions +StdEnvVars </Directory> </VirtualHost> |
Haven't read you whole post, but here's the rule I use for one virtualhost
RewriteRule ^.*$ https://webmail.example.com [R,L] |
I am assuming that I was supposed to replace the domain name in your example with mine. With that assumption I tried your advice, by adding:
RewriteRule ^.*$ https://www.geoginfo.com [R,L] AND OR RewriteRule ^.*$ https://geoginfo.com [R,L] to the httpd.conf file inside the virtual host which is directed towards port 80 or HTTP. I restarted Apache and then attempted to visit my site by typing www.geoginfo.com in the browser URL text box, hoping that I would be redirected to https://www.geoginfo.com or https://geoginfo.com, however I am sent to plain text non-secure http://www.geoginfo.com whenever I visit my website. Once again if I manually type https://www.geoginfo.com or https://geoginfo.com into the browser URL text box it will take me to the secure version. However, I would like all paged to be directed automatically to https. Please help I need to get the project off the ground in about a week and I am totally stumped. |
I'll post the full virtualhost definitions later.
|
<VirtualHost *:80>
RewriteEngine On RewriteCond ^{HTTPS} !on RewriteRule ^/?(.*) https://%{HTTP_HOST}/$1 [R,QSA,L] </VirtualHost> <VirtualHost *:443> . . # Check for geoginfo.com RewriteEngine On RewriteCond %{HTTP_HOST} ^.*geoginfo.com$ RewriteRule .* - [E=YOURDOMAIN:geoginfo.com] . . </VirtualHost> |
All times are GMT -5. The time now is 11:22 AM. |