Redirecting http to https using .htaccess
I have a website on a Linux based virtual server so it uses both ports 80 and 443. I need visitors to go to the https version of the site for payment collection but as most users will not type in https or http they are immediately directed to http.
I need a user who types
various forums have advised that the .htaccess file should read:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTPHOST}%{REQUESTURI}
and this should work. My htaccess files does read this, but it doesn't work.
Can anyone help!! Please speak very s-l-o-w-l-y if you are kind enough to do so.
Thanks
4 Replies
httpd -M
You might have to find the location of httpd to do this, to do that, try typing
whereis httpd
and see if it finds anything. Once you get a list from httpd -M, verify that rewrite_module is among the loaded modules.
If it's not, you'll have to configure Apache to load the module. To do that you'll need to have a line like
LoadModule rewritemodule modules/modrewrite.so
somewhere in httpd.conf. It's probably commented it, so see if you can find it in there somewhere before you add it yourself.
Hope that wasn't too fast.
NameVirtualHost <myip>:80
NameVirtualHost <myip>:443
## example.com (SSL)
<virtualhost <myip="">:443>
ServerName www.example.com
ServerAlias example.com
DocumentRoot /home/<myuser>/www/example.com/htdocs
ErrorLog /home/<myuser>/www/example.com/logs/error_log
CustomLog /home/<myuser>/www/example.com/logs/access_log combined
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+SSLv3:+TLSv1:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl/example.com.cert.pem
SSLCertificateKeyFile /etc/apache2/ssl/example.com.key.pem</myuser></myuser></myuser></virtualhost>
## example.com (Redirect)
<virtualhost <myip="">:80>
ServerName www.example.com
ServerAlias example.com
Redirect permanent / https://www.example.com/</virtualhost></myip></myip>
@kali25:
I have a Virtual Host listening on Port 80 that redirects to the HTTPS host. I then have the VirtualHost listening on port 443. So they can type in just about anything at the one site and it will kick over to the secure site. Here is my Config for Apache. I found all that mod_rewrite stuff too complicated. In this example my SSL cert CN is "
www.example.com " what is cool about this is if they type in exmapl.com it will kick them up towww.example.com with is correct for the SSL cert.
Yeah, you'll need to use redirects rather than rewrites for an ssl connection.
If you want to retain the full url, but just change http to https you can do as kali25 suggests, except to use
RedirectMatch permanent ^/(.*)$ https://www.example.com/$1
This will redirect as:
instead of just