How to redirect http to https

Asked

Viewed 5,258 times

12

Well surely there must already be a question very similar to this in stackoverflow.

But before they mark it as a duplicate, I have a specification that I haven’t found any "equal" question to this one that I’m going to ask.

Well I intend to do this:

I have several domains whose virtualhost points to the same physical path /www/site/public_html.

However the example.com domain, I bought ssl and it has https.

What I intended to do was an htacess file that would make me redirect http:// and www to https for my example domain.com.

However, I do not want the other domains to be affected, in other words I do not want the other domains to be https.

In short:

Make 1 condition that if the user comes from http:// example.com or www.exemplo.com to automatically redirect to https:// example.com however, if it comes from another domain do nothing.

How could this be done?

<VirtualHost *:80>
    ServerName www.foo.bar
    Redirect / https://www.foo.bar/
</VirtualHost>

<VirtualHost *:443>
    ServerName www.foo.bar
    # ... Configuração SSL
</VirtualHost>

Thank you.

  • Someone, can help me?

  • Gonçalo, your question has been answered?

2 answers

11


This is a very simple alternative:

RewriteEngine On 
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^(www\.)?domain\.com$ [NC]
RewriteRule ^.*$ https://www.domain.com%{REQUEST_URI} [R,L]

If you’d prefer it all to go without www, change the last line by

RewriteRule ^.*$ https://domain.com%{REQUEST_URI} [R,L]

If you prefer to keep the www equal typed, exchange the last line for

RewriteRule ^.*$ https://%1domain.com%{REQUEST_URI} [R,L]

Remembering that if you put the certificate in the same IP of the sites SEM certificate, and someone tries to access https://site-sem-certificado.com.br will give error anyway, because the SSL negotiation comes before apache process page.

And that’s why a site with HTTPS puts itself on a unique IP (or if it spends money on certificates for multiple domains).

Edit: it’s been a while since browsers have negotiated the domain name on Handshake, so it’s very common to have multiple domains on the same IP (there are still cases of "mixing" that will give problem with wrong certificate). At the time of the answer it was still problematic to rely on this support for important things. Still, with free alternatives like Let’s Encrypt, it is recommended to have HTTPS at all.

11

Rewriterule is no longer recommended according to Apache documentation.

For the same effect, the recommended method is redirect:

<VirtualHost *:80>
    ServerName www.site.com
    Redirect / https://www.example.com/
</VirtualHost>

You will then also need to configure the service that will offer HTTPS:

<VirtualHost *:443>
    ServerName www.example.com
    SSLEngine On
    SSLCertificateFile /etc/ssl/localcerts/www.example.com.crt
    SSLCertificateKeyFile /etc/ssl/localcerts/www.example.com.key
    SSLCACertificateFile /etc/ssl/localcerts/ca.pem  # Se estiver utilizando um certificado auto-emitido, omita essa linha
</VirtualHost>

Source.

  • 1

    +1 I like this solution, the problem is just the lack of "joker" for internal links (but on a site that was "born from scratch" with SSL this is not a problem).

  • 1

    @Bacco agree, I do not know methods for conditional redirection via VirtualHost.

  • In servername I put the only site I want to redirect?

  • @Exactly Gonçalo. Replace www.site.com and www.example.com with your unique website URL.

  • Right, I copy the 2 snippets of code and put it in an htacess file? If so, why don’t we just open the virtualhost 1x?

  • @Gonçalo Because the first is mapped to your http site (port 80), and the second to your https site (port 443).

  • I’ll try, a moment!

  • Did not work, gave Internal server error, I will post my htacess file.

  • @Gonçalo would help if you posted the full error message. Additionally, the area marked as # ... Configuração SSL should be replaced and properly configured. I will add an example.

  • The only thing they put me on the host was a file . txt, how do I attach?

  • 3

    note, the documentation does not state that it is not recommended to use the mod_rewrite to resolve the issue in context, but says that when it is possible to resolve with the mod_alias, it is preferable to use it instead of the mod_rewrite.

  • @Gonçalo, the code is for apache httpd.conf, not htaccess.

Show 7 more comments

Browser other questions tagged

You are not signed in. Login or sign up in order to post.