httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: [users@httpd] How to direct http to https
Date Thu, 23 Feb 2006 22:32:59 GMT

Many thanks. I will follow the steps and see what happens.


On Thursday 23 February 2006 12:49 am, sanjay tripathi wrote:
> Hi  Scenario: You've changed the location/path of a webpage on your server,
> but you don't want to break links to the old location. You could just use
> symlinks, but you want the new URL to appear in the user's browser so that
> new links/bookmarks point to the new, real location of your page.   AND/OR
> you want requests to to be redirected
> to the https:// (SSL) version of that page. Especially if that page is in
> an Apache realm that requires a login, and you want the login to be
> encrypted.   This guide will explain how to do both of those things.   Step
> 1: Make sure mod_rewrite is being loaded; in other words, make sure that
> /etc/httpd/conf/httpd.conf contains the line: LoadModule rewrite_module
> modules/
>   Step 2: Back up and then edit httpd.conf (you will need to be root). If
> you're using VirtualHost directives (see link), then find the VirtualHost
> block that corresponds to the url you want to rewrite. Otherwise put it in
> wherever you set the options for your site, or put it in a separate
> Directory block -- whatever you prefer. Add the line: RewriteEngine On
> Also, if it's not already set, you will need to add:
> Options +FollowSymlinks
>   Step 3: Rules. If you're a regex king then you can get all kinds of fancy
> with these. I am just going to post a couple of simple example here:
> RewriteRule ^/oldpath/(.*)$ /newpath/$1 [R]
> In other words, followed by anything --
> /oldpath/oldpage.html, /oldpath/index.php, or just /oldpath/ by itself --
> will be rewritten to (followed by whatever
> followed the original URL). The R in brackets means "rewrite the URL in the
> user's browser." You can do "invisible" rewrites by leaving this off.
> RewriteRule ^(.*)\.html$ $1.php [R=permanent]
> This is nice for when you re-do your entire website in php, but you don't
> want to break links to   SSL
> Redirects: Are more complicated than that. In httpd.conf you make the
> (relatively-straightforward) rule, preceded by a conditional: RewriteCond  
> %{SERVER_PORT}  !^443$  RewriteRule ^/secret(.*)$
>$1 [L,R] The RewriteCond line says, "if the
> request is not already going to port 443 (the https port), then rewrite
> it." This prevents the server from doing redundant rewrites on URLs that
> are already correct. The rule itself is very similar to the previous
> example, except that it rewrites with the whole domain name so that it can
> include the https: part. The bracketed R is explained above, the additional
> L means "last rule" which I guess tells Apache to stop running the rewrite
> module or something. I really don't know.   But you're not done yet. Now
> you need to edit /etc/httpd/conf.d/ssl.conf. We're assuming here that
> you've already got certificates configured and whatnot (https: actually
> works). Here's what my Directory block looks like: <Directory
> "/home/">          Options +Indexes         
> SSLOptions           +StrictRequire          SSLRequire          
> %{SSL_CIPHER_USEKEYSIZE} >= 128          Order deny,allow          deny
> from all                  ########          # These next five lines are for
> requiring an Apache login          AuthType Basic          AllowOverride
> AuthConfig          AuthUserFile /etc/httpd/conf/users          AuthName
> "Restricted Area"          require valid-user          ########         
> satisfy any  </Directory> If you're not using Apache realm authentication,
> then leave out those five lines. If you ARE doing realms, but using
> separate .htaccess files, there is a way to do the rewrites and keep the
> .htaccess files but I couldn't make it work so I just moved the directives
> into httpd.conf. Sorry
> wrote:  Hello
> Certainly a newbie question but I wonder how apache directs http://mysite
> to https://mysite automatically? The setup on my machine is port 443 but
> this is not exactly what I want.
> Many thanks
> Ed
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See for more info.
> To unsubscribe, e-mail:
> " from the digest:
> For additional commands, e-mail:
> ---------------------------------
>  Yahoo! Mail
>  Use Photomail to share photos without annoying attachments.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message