Redirecting http to https using .htaccess

First off, I know absolutely nothing about coding so please be gentle and reply as if I'm an idiot!

I have a website on a Linux based virtual server so it uses both ports 80 and 443. I need visitors to go to the https version of the site for payment collection but as most users will not type in https or http they are immediately directed to http.

I need a user who types www.domainname.com or domainname.com into the address bar to find that https://domainname.com opens in their webbrowser.

various forums have advised that the .htaccess file should read:

RewriteEngine On

RewriteCond %{HTTPS} off

RewriteRule (.*) https://%{HTTPHOST}%{REQUESTURI}

and this should work. My htaccess files does read this, but it doesn't work.

Can anyone help!! Please speak very s-l-o-w-l-y if you are kind enough to do so.

Thanks

4 Replies

I'd guess that you haven't actually loaded mod_rewrite in yout apache configuration file(s).

To check if mod_rewrite is loaded, log in as root and issue the following command:

httpd -M

You might have to find the location of httpd to do this, to do that, try typing

whereis httpd

and see if it finds anything. Once you get a list from httpd -M, verify that rewrite_module is among the loaded modules.

If it's not, you'll have to configure Apache to load the module. To do that you'll need to have a line like

LoadModule rewritemodule modules/modrewrite.so

somewhere in httpd.conf. It's probably commented it, so see if you can find it in there somewhere before you add it yourself.

Hope that wasn't too fast. :)

I have a Virtual Host listening on Port 80 that redirects to the HTTPS host. I then have the VirtualHost listening on port 443. So they can type in just about anything at the one site and it will kick over to the secure site. Here is my Config for Apache. I found all that mod_rewrite stuff too complicated. In this example my SSL cert CN is "www.example.com" what is cool about this is if they type in exmapl.com it will kick them up to www.example.com with is correct for the SSL cert.

NameVirtualHost <myip>:80
NameVirtualHost <myip>:443

## example.com (SSL)
<virtualhost <myip="">:443>
ServerName www.example.com
ServerAlias example.com
DocumentRoot /home/<myuser>/www/example.com/htdocs
ErrorLog /home/<myuser>/www/example.com/logs/error_log
CustomLog /home/<myuser>/www/example.com/logs/access_log combined
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+SSLv3:+TLSv1:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl/example.com.cert.pem
SSLCertificateKeyFile /etc/apache2/ssl/example.com.key.pem</myuser></myuser></myuser></virtualhost> 

## example.com (Redirect)
<virtualhost <myip="">:80>
ServerName www.example.com
ServerAlias example.com
Redirect permanent / https://www.example.com/</virtualhost></myip></myip> 

@kali25:

I have a Virtual Host listening on Port 80 that redirects to the HTTPS host. I then have the VirtualHost listening on port 443. So they can type in just about anything at the one site and it will kick over to the secure site. Here is my Config for Apache. I found all that mod_rewrite stuff too complicated. In this example my SSL cert CN is "www.example.com" what is cool about this is if they type in exmapl.com it will kick them up to www.example.com with is correct for the SSL cert.

Yeah, you'll need to use redirects rather than rewrites for an ssl connection.

If you want to retain the full url, but just change http to https you can do as kali25 suggests, except to use

RedirectMatch permanent ^/(.*)$ https://www.example.com/$1

This will redirect as:

http://www.example.com/path/to/file -> https://www.example.com/path/to/file

instead of just

http://www.example.com/ -> https://www.example.com/

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct