So I would do this for the virtual host sections – assuming you are only running ONE externally facing website – there are other things you would need to do if you were running multiple ones

## Send all traffic on port 80 to the primary domain over SSL…


<VirtualHost *:80>

  RequestHeader unset X-is-ssl

  RewriteEngine     on

  RewriteRule       ^(.*)$ https://www.example.com%{REQUEST_URI} [R=permanent,L,NE]

</VirtualHost>

 

## Send all traffic on port 443 which isn't the primary domain to the primary domain
## This implicitly picks up the IP for the host, the actual hostname OR the unqualified domain name example.com

 

<VirtualHost *:443>

  RewriteEngine     on

  RewriteRule       ^(.*)$ https://www.example.com/%{REQUEST_URI} [R,L,NE]

</VirtualHost>

 

<VirtualHost *:443>

  Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"

  ServerAdmin root@localhost

  ServerName www.example.com

  ## Do not use Server Alias here for alternative domains - only use for test/dev sites...

  DocumentRoot /var/www/wp

  <Directory "/var/www/wp">

    Options Indexes FollowSymLinks

    AllowOverride all

    Require all granted

  </Directory>

 

  ## Put the rest of your wordpress stuff here...

</VirtualHost>

 

From: Jason Long <hack3rcon@yahoo.com.INVALID>
Sent: 12 October 2020 16:39
To: users@httpd.apache.org
Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

 

Excuse me,

Can you clean my configuration?

 

On Monday, October 12, 2020, 07:06:17 PM GMT+3:30, Frank <thumbs@apache.org> wrote:

 

 

James,

Omitting an explicit ServerName in name-based vhosts is a bad idea as
well. You can create conflicts or ambiguities.


On 12/10/20 11:22 AM, James Smith wrote:
> This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident...
>
> ## Port 80 && 443 default configs...
>
> <VirtualHost *:80>
>  RequestHeader unset X-is-ssl
>  RewriteEngine    on
>  RewriteRule      ^(.*)$ https://www.mydomain.com% [mydomain.com%]{REQUEST_URI} [R=permanent,L,NE]
> </VirtualHost>
>
> <VirtualHost *:443>
>  RewriteEngine    on
>  RewriteRule      ^(.*)$ https://www.mydomain.com/% [mydomain.com]{REQUEST_URI} [R,L,NE]
> </VirtualHost>
>
> ## Port 443 default - this is our main server...... so your main apache config stuff should be in here with SSL configured correctly..
>
> <VirtualHost *:443>
>  ServerName www.mydomain.com
>  ...
>  ...
>  ...
>  ...
>  ...
> </VirtualHost>

> If you have more than one domain then you will need to add rules on port 80 to preserve the hostname & also blocks for each additional domain
>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

-- The Wellcome Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE.