Apache redirect rule from http to https

Apache redirect rule from http to https

Post by Marc Andre Paqui » Sat, 23 Mar 2002 21:49:17



Hello,

I need to make a rule so apache redirect any user trying to connect to a
certain directory without a SSL connection.

What should I write in the http.conf so any attempt to go to :
http://www.xyz.com/tabou/

would be automaticly sent to:
https://www.xyz.com/tabou/

Thanks!

PS please remove the No in my e-mail...
--
Marc Andr Paquin

 
 
 

Apache redirect rule from http to https

Post by Paul Southwor » Sun, 24 Mar 2002 04:56:44




Quote:>I need to make a rule so apache redirect any user trying to connect to a
>certain directory without a SSL connection.

>What should I write in the http.conf so any attempt to go to :
>http://www.xyz.com/tabou/

>would be automaticly sent to:
>https://www.xyz.com/tabou/

First, since this question has nothing to do with FreeBSD, I suggest
that you post on comp.infosystems.www.servers.unix next time -
that's where the Apache users are.

Regarding the redirect, I set up two virtualhosts, one is
for the www.xyz.com site on port 80, and one for the SSL
site on port 443.  Then the site on port 80 would look something
like this:

<virtualhost *:80>
servername www.xyz.com
serveralias xyz.com
redirect / https://www.xyz.com/
</virtualhost>

 
 
 

Apache redirect rule from http to https

Post by Jason Neuman » Sun, 24 Mar 2002 08:18:56



> I need to make a rule so apache redirect any user trying to connect to a
> certain directory without a SSL connection.

Greetings Marc,

Here is a simple way to redirect.

I move the contents of the directory I would like secured to some other
directory, such as tabou2 and then put this index.html file in my tabou
directory. It's a quick simple way to redirect to ssl without having to
modify httpd.conf, and it aloows you to move your tabou directory
anywhere you want in the future.

-----
# this index.html file would be in /usr/local/www/data/tabou or
equivalent for your configuration.

<HTML>
<HEAD>
<META HTTP-Equiv="Refresh" CONTENT="0; URL=https://www.xyz.com/tabou2">
</HEAD>
</HTML>

Cheers,

Jason

------------------------------------------------
Whether your a FreeBSD newbie or just want to be
one for a day,  checkout my new website.  It has
newbie written all over it!

------------------------------------------------
      http://www.geekvenue.net/chucktips
      _                _    _   _          
  ___| |__  _   _  ___| | _| |_(_)_ __  ___
 / __| '_ \| | | |/ __| |/ / __| | '_ \/ __|
| (__| | | | |_| | (__|   <| |_| | |_) \__ \
 \___|_| |_|\__,_|\___|_|\_\\__|_| .__/|___/
  n e w b i e   f r i e n d l y  |_|  
------------------------------------------------
"It's what being newbie friendly is all about!"
                          - chucktips ubergeek

 
 
 

Apache redirect rule from http to https

Post by Drew Laws » Sun, 24 Mar 2002 09:06:03




Quote:><META HTTP-Equiv="Refresh" CONTENT="0; URL=https://www.xyz.com/tabou2">

Zero-time meta refresh redirects are just plain evil.
Users refer to this as "breaking the 'back' button."

If you cannot do a proper HTTP redirect, then go ahead and use META,
but at least give a non-zero refresh time so you don't trap the
user on your site.

--
Drew Lawson            | Radioactive cats have

http://www.furrfu.com/ |

 
 
 

Apache redirect rule from http to https

Post by Paul Southwor » Sun, 24 Mar 2002 09:58:34





>> I need to make a rule so apache redirect any user trying to connect to a
>> certain directory without a SSL connection.

>Greetings Marc,

>Here is a simple way to redirect.

>I move the contents of the directory I would like secured to some other
>directory, such as tabou2 and then put this index.html file in my tabou
>directory. It's a quick simple way to redirect to ssl without having to
>modify httpd.conf, and it aloows you to move your tabou directory
>anywhere you want in the future.

This is not a better way, it's a much worse way.  In fact if
the tabou2 directory is still available on the non-SSL site, users
would still be able to access the data via the non-SSL site if they
have two bits worth of net-sense.  If the content or the authentication
data is worth anything at all (ie, worth protecting) then this method
is really a bad idea.

(Side stepping the issue of META REFRESH, yuck-o.)

--Paul

 
 
 

1. HTTP redirecting to HTTPS directly in apache 2

Hi all,
I've tried to search whole archive in this (through google function), but it
seems no one tried to giving a correct answer for this similar question:

okay... I've made a common homepage with URL:

http://www.xyz.com:57142

and also I've setup a SSL Secure webpage in port 47142, and it has run well,
and to go there I need to type:

https://www.xyz.com:47142/admin   => note that this is the only directory
that uses SSL, the other is not.

now, I want to have user directly go to that SECURE URL without need to type
https and also the port 47142. So when user try to type:

http://www.xyz.com:57142/admin  I want it directly go to
https://www.xyz.com:47142/admin

I've tried to do lot of ways, for example try to add "redirect" and
"SSLRequireSSL" inside admin directive:

<Directory "/apache2/htdocs/admin">
     SSLRequireSSL
     redirect /admin "https://www.xyz.com:47142/admin/"
</Directory>

but not working, also I tried to make it outside the Directory directives
(so as global):

redirect /admin "https://www.xyz.com:47142/admin/"

but not working too, and tried to make as VirtualHost:

<VirtualHost *:57142>
   ServerName www.xyz.com:47142
   Redirect / "https://www.xyz.com:47142/admin/"
</VirtualHost>

Any idea what should I do to do that? I kinda desperate to do this...hics...

thank you in advance
'Jhs

2. Gateway Solo 2200 and X

3. Apache and redirecting http:// to https://

4. Oracle & Solaris

5. Apache redirect from http to https on the same host

6. Is the bug in my brain or g++?

7. apache http proxy - http/1.0 vs http/1.1

8. trn question

9. rewrite rule for http URL -> https URL on specified directory

10. NewbQ : Redirecting http to https for subdirs

11. Redirecting https to http

12. Redirecting from http to https

13. redirect to http:// to http://www