Great! That is just what I needed. Appreciate the prompt response.
On 04/01/2016 09:00 PM, Brandon L. Wisenburg wrote:
Hi Everyone!
I have converted my website to SSL, and I go the virtual host
setup and SSL working in Apache. When someone uses
http://domain.com they get a connection refused, because of
course the server isn't listening on 80, as i have it setup
for SSL (443)
How would I make apache listen on http(80), but re-direct
anyone that hits http to https.
Is it possible to have apache listen on both 80 and 443?
Yes, absolutely. I do this routinely for all my sites. I have a
highly compartmentalized configuration but hopefully you'll get the
gist of it. This is what I use at the top level for
parts-unknown.org:
Listen 50.250.218.163:80
Listen 50.250.218.163:443
<VirtualHost 50.250.218.163:80>
Include sites-available/parts-unknown.org-common
Include sites-available/force-ssl-common
Include sites-available/parts-unknown.org-log-common
</VirtualHost>
<VirtualHost 50.250.218.163:443>
Include sites-available/parts-unknown.org-common
Include sites-available/ssl-common
Include sites-available/parts-unknown.org-log-common
</VirtualHost>
As you can see, I have multiple Listen declarations and multiple
virtual hosts. But the real magic (which probably isn't so magical
if you actually understand this stuff) is in force-ssl-common:
<IfModule mod_rewrite.c>
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*)
https://%{HTTP_HOST}/$1 [NC,R,L]
</IfModule>
I don't use SNI basically because I started hosting these sites
before SNI was widely available and even when it started becoming
widely available it seemed broken (I gather this is no longer the
case). I don't know how or if that would change this configuration.
--
David Benfell, Ph.D.
benfell@xxxxxxxxxxxxxxxxx
