How to automatically redirect HTTP to HTTPS on Apache servers?
LinuxApache.HtaccessWebserverhttpd.confLinux Problem Overview
Environment Centos with apache
Trying to setup automatic redirection from http to https
From manage.mydomain.com --- To ---> https://manage.mydomain.com
I have tried adding the following to my httpd.conf but it didn't work
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
Any ideas?
Linux Solutions
Solution 1 - Linux
I have actually followed this example and it worked for me :)
NameVirtualHost *:80
<VirtualHost *:80>
ServerName mysite.example.com
Redirect permanent / https://mysite.example.com/
</VirtualHost>
<VirtualHost _default_:443>
ServerName mysite.example.com
DocumentRoot /usr/local/apache2/htdocs
SSLEngine On
# etc...
</VirtualHost>
Then do:
/etc/init.d/httpd restart
Solution 2 - Linux
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI}
http://www.sslshopper.com/apache-redirect-http-to-https.html
or
http://www.cyberciti.biz/tips/howto-apache-force-https-secure-connections.html
Solution 3 - Linux
Searched for apache redirect http to https
and landed here. This is what i did on ubuntu:
###1) Enable modules
sudo a2enmod rewrite
sudo a2enmod ssl
###2) Edit your site config
Edit file
/etc/apache2/sites-available/000-default.conf
Content should be:
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile <path to your crt file>
SSLCertificateKeyFile <path to your private key file>
# Rest of your site config
# ...
</VirtualHost>
- Note that the SSL module requires certificate. you will need to specify existing one (if you bought one) or to generate a self-signed certificate by yourself.
###3) Restart apache2
sudo service apache2 restart
Solution 4 - Linux
Using mod_rewrite is not the recommended way instead use virtual host and redirect.
In case, if you are inclined to do using mod_rewrite:
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
# This rule will redirect users from their original location, to the same
location but using HTTPS.
# i.e. http://www.example.com/foo/ to https://www.example.com/foo/
# The leading slash is made optional so that this will work either in
# httpd.conf or .htaccess context
Reference: [Httpd Wiki - RewriteHTTPToHTTPS][1]
If you are looking for a 301 Permanent Redirect, then redirect flag should be as,
R=301
so the RewriteRule will be like,
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
[1]: https://wiki.apache.org/httpd/RewriteHTTPToHTTPS "Httpd Wiki - RewriteHTTPToHTTPS"
Solution 5 - Linux
Actually, your topic is belongs on https://serverfault.com/ but you can still try to check these .htaccess directives:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*) https://%{HTTP_HOST}/$1
Solution 6 - Linux
If you have Apache2.4 check 000-default.conf
- remove DocumentRoot
and add
Redirect permanent / https://[your-domain]/
Solution 7 - Linux
I needed this for something as simple as redirecting all http
traffic from the default apache home page on my server to one served over https
.
Since I'm still quite green when it comes to configuring apache, I prefer to avoid using mod_rewrite
directly and instead went for something simpler like this:
<VirtualHost *:80>
<Location "/">
Redirect permanent "https://%{HTTP_HOST}%{REQUEST_URI}"
</Location>
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "/var/www/html"
SSLEngine on
...
</VirtualHost>
I like this because it allowed me to use apache variables, that way I didn't have to specify the actual host name since it's just an IP address without an associated domain name.
References: https://stackoverflow.com/a/40291044/2089675
Solution 8 - Linux
This code work for me.
# ----------port 80----------
RewriteEngine on
# redirect http non-www to https www
RewriteCond %{HTTPS} off
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://www.%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
# redirect http www to https www
RewriteCond %{HTTPS} off
RewriteCond %{SERVER_NAME} =www.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
# ----------port 443----------
RewriteEngine on
# redirect https non-www to https www
RewriteCond %{SERVER_NAME} !^www\.(.*)$ [NC]
RewriteRule ^ https://www.%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
Solution 9 - Linux
Server version: Apache/2.4.29 (Ubuntu)
After long search on the web and in the official documentation of apache, the only solution that worked for me came from /usr/share/doc/apache2/README.Debian.gz
To enable SSL, type (as user root):
a2ensite default-ssl
a2enmod ssl
In the file /etc/apache2/sites-available/000-default.conf add the
> Redirect "/" "https://sub.domain.com/"
<VirtualHost *:80>
#ServerName www.example.com
DocumentRoot /var/www/owncloud
Redirect "/" "https://sub.domain.com/"
That's it.
P.S: If you want to read the manual without extracting:
gunzip -cd /usr/share/doc/apache2/README.Debian.gz
Solution 10 - Linux
Please try this one in apache Virtualhosting configuration and then reload apache service
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI}
Solution 11 - Linux
This worked for me:
RewriteCond %{HTTPS} =off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [QSA,L,R=301]
Solution 12 - Linux
for me this worked
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]