LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   How do you properly redirect all web client requests from http to https? (https://www.linuxquestions.org/questions/linux-server-73/how-do-you-properly-redirect-all-web-client-requests-from-http-to-https-729982/)

mehoggan 06-01-2009 06:30 PM
How do you properly redirect all web client requests from http to https?
 
I have tried several things (one of which are included in my httpd.conf file below). However, no matter what I try when ever someone trys to get web pages from my server, they are returned using http, rather than https, and I want them returned using SSL. If you type https://www.geoginfo.com you will get to my index.html, and any subsequent page you can access via https://www.geoginfo.com/(the file or directory you want). However I don't want clients to manually have to do this. I would like them to be redirected. So below is my httpd.conf, please let me know what I need to change, or where I am going wrong. Thank you. (If you need more information please let me know)

<-----START HTTPD.conf----->
### Section 1: General Settings
Include conf.d/*.conf

ServerTokens OS
ServerRoot "/etc/httpd"
PidFile run/httpd.pid
Listen 192.168.1.1:80
Listen 192.168.1.1:443

<IfModule prefork.c>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
</IfModule>

<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>

### Section 2: Main Settings
#Apache Directives
User apache
Group apache
AddType application/x-httpd-php .php .php4 .php5#.html .htm
AddHandler php5-script .php
TypesConfig /etc/mime.types
DefaultType text/plain
AddDefaultCharset ISO-8859-1
LogLevel warn

#SSL Directives
SSLRandomSeed startup file:/dev/urandom 1024
SSLRandomSeed connect file:/dev/urandom 1024
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLPassPhraseDialog builtin
SSLMutex default
SSLCryptoDevice builtin

### Section 3: Virtual Hosts
NameVirtualHost 192.168.1.1:80

<VirtualHost www.geoginfo.com:80>
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://%{www.geoginfo.com}$1 [L,R]
RewriteLogLevel 2
ServerAdmin mehoggan@gmail.com
ServerName www.geoginfo.com:80
DocumentRoot "/mnt/data/geoginfo"
DirectoryIndex index.html index.php
ErrorLog logs/error_log

<Directory />
Options Indexes FollowSymLinks
AllowOverride None
</Directory>

<Directory "/mnt/data/geoginfo">
Options Indexes FollowSymLinks
AllowOverride AuthConfig FileInfo
#AllowOverride None
Order allow,deny
Allow from all
</Directory>

AccessFileName .htaccess
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
</VirtualHost>

NameVirtualHost 192.168.1.1:443

<VirtualHost www.geoginfo.com:443>
ServerAdmin mehoggan@gmail.com
ServerName www.geoginfo.com:443

DocumentRoot "/mnt/data/geoginfo"
DirectoryIndex index.html index.php

<Directory />
Options +Indexes FollowSymLinks
AllowOverride None
SSLRequireSSL
</Directory>

<Directory "/mnt/data/geoginfo">
Options Indexes FollowSymLinks
AllowOverride AuthConfig FileInfo
Order allow,deny
Allow from all
</Directory>

AccessFileName .htaccess
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

# SSL Configuration Part

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn

SSLEngine on
SSLOptions +StrictRequire

SSLProtocol all +SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

SSLCertificateFile /etc/httpd/conf/server.crt
SSLCertificateKeyFile /etc/httpd/conf/server.key

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>

<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>

billymayday 06-01-2009 06:46 PM
Haven't read you whole post, but here's the rule I use for one virtualhost

RewriteRule ^.*$ https://webmail.example.com [R,L]

mehoggan 06-01-2009 11:27 PM
I am assuming that I was supposed to replace the domain name in your example with mine. With that assumption I tried your advice, by adding:

RewriteRule ^.*$ https://www.geoginfo.com [R,L]

AND OR

RewriteRule ^.*$ https://geoginfo.com [R,L]

to the httpd.conf file inside the virtual host which is directed towards port 80 or HTTP. I restarted Apache and then attempted to visit my site by typing www.geoginfo.com in the browser URL text box, hoping that I would be redirected to https://www.geoginfo.com or https://geoginfo.com, however I am sent to plain text non-secure http://www.geoginfo.com whenever I visit my website.

Once again if I manually type https://www.geoginfo.com or https://geoginfo.com into the browser URL text box it will take me to the secure version. However, I would like all paged to be directed automatically to https.

Please help I need to get the project off the ground in about a week and I am totally stumped.

billymayday 06-01-2009 11:42 PM
I'll post the full virtualhost definitions later.

chitambira 06-02-2009 03:49 AM
<VirtualHost *:80>
RewriteEngine On
RewriteCond ^{HTTPS} !on
RewriteRule ^/?(.*) https://%{HTTP_HOST}/$1 [R,QSA,L]
</VirtualHost>

<VirtualHost *:443>
.
.
# Check for geoginfo.com
RewriteEngine On
RewriteCond %{HTTP_HOST} ^.*geoginfo.com$
RewriteRule .* - [E=YOURDOMAIN:geoginfo.com]
.
.
</VirtualHost>


All times are GMT -5. The time now is 11:22 AM.