httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Beau Hebert" <bheb...@c-quential.com>
Subject RE: [users@httpd] HTTP to HTTPS using mod_rewrite
Date Thu, 15 May 2003 20:02:07 GMT
Hi
Should I place the Rewrite instructions in the HTTPS virtual host entry
or in the HTTP entry. I tried to place it into the httpd.conf all by
itself, and it didn't seem to work.

Thanks again.

Beau

-----Original Message-----
From: Jurgen [mailto:apache@squarehosting.com] 
Sent: Thursday, May 15, 2003 3:50 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] HTTP to HTTPS using mod_rewrite


Hi,

if you like to redirect http://domain.com/login.php to
https://domain.com/login.php and not http://domain.com then I would use:

RewriteEngine On
RewriteRule ^(.*)$ https://domain.com$1

This work if the http and https are seperate virtual hosts. Else you
have to add a RewriteCond to make sure that you only rewrite http
requests.

Jurgen


On Thu, 15 May 2003 15:17:36 -0400
"Beau Hebert" <bhebert@c-quential.com> wrote:

> Ya mean something like this:
> 
> 
> <VirtualHost *:80>
>  Redirect / https://server-name/
> </VirtualHost>
> 
> Do I need to do anything else to ensure the scenario outlined 
> previously?
> 
> Beau
> 
> -----Original Message-----
> From: Jurgen [mailto:apache@squarehosting.com]
> Sent: Thursday, May 15, 2003 3:20 PM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] HTTP to HTTPS using mod_rewrite
> 
> 
> Hi,
> 
> why don't you put it all in the VirtualHost configuration? There is no

> need to use an .htaccess file.
> 
> Jurgen
> 
> 
> On Thu, 15 May 2003 14:36:42 -0400
> "Beau Hebert" <bhebert@c-quential.com> wrote:
> 
> > Not sure if the Redirect solution is quite the one I'm looking for. 
> > It
> 
> > could be, but as stated, I'm somewhat of a newbie...I'm attempting 
> > to
> > redirect all http requests to https. As it stands, if you enter the 
> > site at http://domain.com, the visitor is redirected to 
> > https://domain.com. I've got Listeners on ports 80 and 443, as well
as
> 
> > Virtual Hosts for both. Ultimately, what I would like to happen is
> > that if for some reason, during a session, someone attempted to take

> > the 's' away from https in say https://domain/login.jsp and tried to

> > simply access http://domain/login.jsp they would automatically be 
> > redirected back to https://domain/login.jsp (I would like this to 
> > happen on any and all pages in the site). As it stands now, I can
turn
> 
> > off port 80 in which the visitor gets a 'page cannot be displayed'.
> > The redirect solution seems only to redirect any given port 80
request
> 
> > to the https domain's homepage (i.e.  Redirect / 
> > https://server-name/)
> 
> > , and doesn_t seem to be intuitive enough as to keep the user on the
> > page that they are on and simply turn all http requests into https.
Am
> 
> > I making sense? I'm starting to confuse myself.... Succinctly put,
> > should the user attempt to tamper with the URL, I'd like all http 
> > requests rewritten to https and keep the user on the same page that 
> > they are on. Thanks for the help.
> > 
> > Beau
> > 
> > -----Original Message-----
> > From: Boyle Owen [mailto:Owen.Boyle@swx.com]
> > Sent: Thursday, May 15, 2003 11:10 AM
> > To: users@httpd.apache.org
> > Subject: RE: [users@httpd] HTTP to HTTPS using mod_rewrite
> > 
> > 
> > >-----Original Message-----
> > >From: Beau Hebert [mailto:bhebert@c-quential.com]
> > >
> > >I've been assigned the task of redirecting all incoming http 
> > >requests
> 
> > >to https. Problem is, I am not an administrator. I've done a little

> > >research, and it seems that this is possible using mod_rewrite. 
> > >I've copied the code that I've come up with below, but doesn't seem

> > >to be working. Can anyone confirm if this should/could work?
> > >
> > >Thanks much
> > >Beau
> > >
> > ><IfModule mod_rewrite.c>
> > >RewriteCond %{SERVER_PORT}           !^443$
> > >RewriteRule ^/(.*)
> > >https://%{SERVER_NAME}/$1 [L,R]
> > ></IfModule>
> > >
> > >#This code within Virtual Host
> > >RewriteEngine on
> > >RewriteOptions inherit
> > 
> > It is not too clear what you are trying to do. HTTP requests, by
> > default, are sent to port 80. So your RewriteCond would not be 
> > satisfied in any case.
> > 
> > I am assuming you want to trap plain HTTP requests for your site and
> > redirect them to your HTTPS service. To do so, you need two virtual 
> > hosts, one on HTTP and one on HTTPS. The HTTP VH just redirects all 
> > requests to HTTPS. So:
> > 
> > Listen 80
> > <VirtualHost *:80>
> >   Redirect / https://server-name/
> > </VirtualHost>
> > 
> > Listen 443
> > <VirtualHost *:443>
> >   ServerName server-name
> >   SSLCert..stuff..
> >   DocumentRoot /path/to/ssl/docs
> >   etc...
> > </VirtualHost>
> > 
> > Rgds,
> > Owen Boyle
> > Disclaimer: Any disclaimer attached to this message may be ignored.
> > >
> > >
> > >
> > >-------------------------------------------------------------------
> > >--
> > >The official User-To-User support forum of the Apache HTTP Server 
> > >Project. See <URL:http://httpd.apache.org/userslist.html> for more 
> > >info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > >   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > >For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> > Diese E-mail ist eine private und persönliche Kommunikation. Sie hat
> > keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Swiss 
> > Exchange. This e-mail is of a private and personal nature. It is not

> > related to the exchange or business activities of the SWX Swiss 
> > Exchange. Le présent e-mail est un message privé et personnel, sans 
> > rapport avec l'activité boursière de la SWX Swiss Exchange
> > 
> > This message is for the named person's use only. It may contain
> > confidential, proprietary or legally privileged information. No 
> > confidentiality or privilege is waived or lost by any
mistransmission.
> 
> > If you receive this message in error, please notify the sender
> > urgently and then immediately delete the message and any copies of
it 
> > from your system. Please also immediately destroy any hardcopies of 
> > the message. You must not, directly or indirectly, use, disclose, 
> > distribute, print, or copy any part of this message if you are not
the
> 
> > intended recipient. The sender's company reserves the right to 
> > monitor
> 
> > all e-mail communications through their networks. Any views 
> > expressed
> > in this message are those of the individual sender, except where the

> > message states otherwise and the sender is authorised to state them
to
> 
> > be the views of the sender's company.
> > 
> > 
> > 
> > --------------------------------------------------------------------
> > -
> > The official User-To-User support forum of the Apache HTTP Server 
> > Project. See <URL:http://httpd.apache.org/userslist.html> for more 
> > info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> > 
> > 
> > 
> > --------------------------------------------------------------------
> > -
> > The official User-To-User support forum of the Apache HTTP Server 
> > Project. See <URL:http://httpd.apache.org/userslist.html> for more 
> > info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> > 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server 
> Project. See <URL:http://httpd.apache.org/userslist.html> for more 
> info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server 
> Project. See <URL:http://httpd.apache.org/userslist.html> for more 
> info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project. See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message