Solved

Have website always be https even if they type in http

Posted on 2006-11-17
17
224 Views
Last Modified: 2010-03-04
My company recently got a CA certificate from verisign.  Now we want to secure our entire website.  I have apache 2.0.49, and https works perfectly

I want to know if there is a way, without going and changing every page/link, to just make everything goto the https:// instead of http://
0
Comment
Question by:revo1059
  • 7
  • 7
  • 2
  • +1
17 Comments
 
LVL 43

Expert Comment

by:ravenpl
Comment Utility
In Your webroot folder create .htaccess file with following content

RewriteEngine On
ReriteCond %{HTTPS} off
RewriteRule (.*) htps://%{SERVER_NAME}%{REQUEST_URI} [L,R]
0
 
LVL 43

Accepted Solution

by:
ravenpl earned 300 total points
Comment Utility
Sorry for typos - my wireless kb fails sometimes - have to replace
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

Also note, that it will redirect user externally - user will notice it's redirected. Also if user types
http://web.com and the real server name is www.web.com, it will be redirected to www.web.com - which is SERVER_NAME in our example.

0
 
LVL 1

Author Comment

by:revo1059
Comment Utility
i tried creating a .htacces and pasted the code you gave me exactly, and it didnt work.  Do i need to do anything else in apache to tell it to read that file?
0
 
LVL 43

Expert Comment

by:ravenpl
Comment Utility
> Do i need to do anything else in apache to tell it to read that file?
Usually no, mod_rewrite is usually there and allowed. But in fact You need to be allowed to override FileInfo
Refer http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html#rewriteengine http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride
You can also try:
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
0
 
LVL 43

Expert Comment

by:ravenpl
Comment Utility
And the filename is .htaccess not .htacces - just to be sure.
0
 
LVL 1

Author Comment

by:revo1059
Comment Utility
I know, that was a type-o

I am not very familiar with the httpd.conf file, could you be more specific about where i need to put that allow override
0
 
LVL 43

Expert Comment

by:ravenpl
Comment Utility
Find section
<Directory />
add/change: AllowOverride FileInfo
and restart apache.
But I'm nost sure if that's the problem. Have You tried with the '!on' instead of 'off'
0
 
LVL 1

Author Comment

by:revo1059
Comment Utility
i looked at my config file.  It looks like i need to change a file in /etc/apache2 called default-server.conf

theres a part that starts with </Directory where i found my server root.  I changed that AllowOverride from none to all.  When i did that, I could get to my webpage anymore.  It said internal server error
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 27

Assisted Solution

by:caterham_www
caterham_www earned 100 total points
Comment Utility
Just put a

Redirect 301 / https://example.com/

into your <virtualhost> for port 80.
0
 
LVL 1

Author Comment

by:revo1059
Comment Utility
I don't know what file to put that in.  I have SLES 9 and apache2.  Can you tell me where that would be

I searched /etc/apache2/httpd.conf, /etc/http/httpd.conf and couldn't find anything like <virtualhost>
0
 
LVL 13

Expert Comment

by:rhickmott
Comment Utility
Try placing it in the <directory> part for your document root.
0
 
LVL 43

Expert Comment

by:ravenpl
Comment Utility
revo1059: You can use Redirect but only if DocumentRoot for Ssl and nonSsl virtualhosts differ.
In such case, just create .htaccess in nonSsl web path with the content rhickmott provided.
0
 
LVL 1

Author Comment

by:revo1059
Comment Utility
when I tried the .htaccess, i got a error 500... internal server error
0
 
LVL 43

Expert Comment

by:ravenpl
Comment Utility
You need to be allow to override FileInfo. Also rewrite requires the very same override.
Refer http://httpd.apache.org/docs/2.0/mod/mod_alias.html#redirect http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride
You can verist the real error in apache's error log.
0
 
LVL 1

Author Comment

by:revo1059
Comment Utility
I did a tail -f on the error_log for apache, and got this:

Invalid command 'RewriteEngine', perhaps mis-spelled or defined by a module not included in the server configuration
0
 
LVL 13

Assisted Solution

by:rhickmott
rhickmott earned 100 total points
Comment Utility
Look for

LoadModule rewrite_module modules/mod_rewrite.so

and remove any # from the start of it
0
 
LVL 1

Author Comment

by:revo1059
Comment Utility
I have just been told by my boss that he doesn't want https for the homepage.  I guess I will have to come up with another solution.  Thank you for all your advice.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Help with htaccess under apache 7 22
Redirect URL's containing question marks 5 45
PHP in Apache server 20 81
PHP Register global 21 63
If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
This video discusses moving either the default database or any database to a new volume.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now