httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jurgen <apa...@squarehosting.com>
Subject Re: [users@httpd] HTTP to HTTPS using mod_rewrite
Date Thu, 15 May 2003 19:20:09 GMT
Hi,

why don't you put it all in the VirtualHost configuration? There is no need to use an .htaccess
file.

Jurgen


On Thu, 15 May 2003 14:36:42 -0400
"Beau Hebert" <bhebert@c-quential.com> wrote:

> Not sure if the Redirect solution is quite the one I'm looking for. It
> could be, but as stated, I'm somewhat of a newbie...I'm attempting to
> redirect all http requests to https. As it stands, if you enter the site
> at http://domain.com, the visitor is redirected to https://domain.com.
> I've got Listeners on ports 80 and 443, as well as Virtual Hosts for
> both. Ultimately, what I would like to happen is that if for some
> reason, during a session, someone attempted to take the 's' away from
> https in say https://domain/login.jsp and tried to simply access
> http://domain/login.jsp they would automatically be redirected back to
> https://domain/login.jsp (I would like this to happen on any and all
> pages in the site). As it stands now, I can turn off port 80 in which
> the visitor gets a 'page cannot be displayed'. The redirect solution
> seems only to redirect any given port 80 request to the https domain's
> homepage (i.e.  Redirect / https://server-name/) , and doesn_t seem to
> be intuitive enough as to keep the user on the page that they are on and
> simply turn all http requests into https. Am I making sense? I'm
> starting to confuse myself.... Succinctly put, should the user attempt
> to tamper with the URL, I'd like all http requests rewritten to https
> and keep the user on the same page that they are on. Thanks for the
> help. 
> 
> Beau
> 
> -----Original Message-----
> From: Boyle Owen [mailto:Owen.Boyle@swx.com] 
> Sent: Thursday, May 15, 2003 11:10 AM
> To: users@httpd.apache.org
> Subject: RE: [users@httpd] HTTP to HTTPS using mod_rewrite
> 
> 
> >-----Original Message-----
> >From: Beau Hebert [mailto:bhebert@c-quential.com]
> >
> >I've been assigned the task of redirecting all incoming http
> >requests to
> >https. Problem is, I am not an administrator. I've done a little
> >research, and it seems that this is possible using mod_rewrite. I've
> >copied the code that I've come up with below, but doesn't seem to be
> >working. Can anyone confirm if this should/could work?
> >
> >Thanks much
> >Beau
> >
> ><IfModule mod_rewrite.c>
> >RewriteCond %{SERVER_PORT}           !^443$
> >RewriteRule ^/(.*)
> >https://%{SERVER_NAME}/$1 [L,R]
> ></IfModule>
> >
> >#This code within Virtual Host
> >RewriteEngine on
> >RewriteOptions inherit
> 
> It is not too clear what you are trying to do. HTTP requests, by
> default, are sent to port 80. So your RewriteCond would not be satisfied
> in any case. 
> 
> I am assuming you want to trap plain HTTP requests for your site and
> redirect them to your HTTPS service. To do so, you need two virtual
> hosts, one on HTTP and one on HTTPS. The HTTP VH just redirects all
> requests to HTTPS. So:
> 
> Listen 80
> <VirtualHost *:80>
>   Redirect / https://server-name/
> </VirtualHost>
> 
> Listen 443
> <VirtualHost *:443>
>   ServerName server-name
>   SSLCert..stuff..
>   DocumentRoot /path/to/ssl/docs
>   etc...
> </VirtualHost>
> 
> Rgds,
> Owen Boyle
> Disclaimer: Any disclaimer attached to this message may be ignored. 
> >
> >
> >
> >---------------------------------------------------------------------
> >The official User-To-User support forum of the Apache HTTP
> >Server Project.
> >See <URL:http://httpd.apache.org/userslist.html> for more info.
> >To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> >For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
> Diese E-mail ist eine private und persönliche Kommunikation. Sie hat
> keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Swiss Exchange.
> This e-mail is of a private and personal nature. It is not related to
> the exchange or business activities of the SWX Swiss Exchange. Le
> présent e-mail est un message privé et personnel, sans rapport avec
> l'activité boursière de la SWX Swiss Exchange
> 
> This message is for the named person's use only. It may contain
> confidential, proprietary or legally privileged information. No
> confidentiality or privilege is waived or lost by any mistransmission.
> If you receive this message in error, please notify the sender urgently
> and then immediately delete the message and any copies of it from your
> system. Please also immediately destroy any hardcopies of the message.
> You must not, directly or indirectly, use, disclose, distribute, print,
> or copy any part of this message if you are not the intended recipient.
> The sender's company reserves the right to monitor all e-mail
> communications through their networks. Any views expressed in this
> message are those of the individual sender, except where the message
> states otherwise and the sender is authorised to state them to be the
> views of the sender's company. 
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project. See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message