Re: http to https

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, Mar 21, 2009 at 4:52 AM, Davide Bianchi
<davide@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> Tim DeBoer wrote:
>> For example if I type in secure.foo.com <http://secure.foo.com>, I want
>> apache to read/load it as https://secure.foo.com in my browser.
>
> What you need is to setup an http site 'secure.foo.com' that
> automatically redirect to the https site.
> Somethig like
>
> <VirtualHost *:80>
>        Servername secure.foo.com
>        RedirectPermanent / https://secure.foo.com/
> </VirtualHost>
>
> Davide
>
> --
> I have replaced NT with Linux.
> Linux -- heir of the byte that dogged me.
>   -- Allan Willis
>

You can do it with a rewrite rule, too, your is just wrong. First, the
pattern in your rule is . which will match any one character, so it
will only match requests with a single character in the path. To match
anything, you want "^(.*)$", then you want to put "$1" at the end of
your rewrite substitution, so that the path they requested gets
appended to the rewritten request.

Second, you want to do a full redirect, not just a rewrite. Rewriting
is internal only and won't cause the client to connect securely. To
turn the rewrite rule into a redirect, add the [R] flag. If this is a
permanent set up, you should make it [R=301].

Finally, the way you have it set up, this will probably cause an
infinite redirect because you haven't filtered out requests that are
already https. Check the RewriteCond documentation, there's some way
to check this. You only want to apply your rewrite if it isn't already
https.

Anyway, Davide's suggestion is probably simpler.

-Brian

-- 
Feel free to contact me using PGP Encryption:
Key Id: 0x3AA70848
Available from: http://pgp.mit.edu/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux