[Techtalk] implementing HTTPS-only sitewide

Carla Schroder carla at bratgrrl.com
Wed Sep 5 05:32:58 UTC 2012

howdy techtalkers,

I need to figure out the best way to implement HTTPS for a client's site, and 
it's driving me buggy. It's Drupal 7 on Apache on CentOS 6. We have an SSL 
cert already installed. The problem I'm struggling with is how to implement it 
in a way that doesn't get in the way of site visitors; I have actually seen 
suggestions to force HTTPS only by closing port 80, and to serve up an error 
page for all HTTP requests that tells the user to type HTTPS. That is 
definitely not an option; it must be handled by the server.

I'm thinking the cleanest way, from the perspective of site visitors, is to 
redirect all HTTP requests to HTTPS. Just force HTTPS sitewide. Then I don't 
have to worry about accidentally missing a page or a form. So how do I do 
this? In Apache? Drupal? I've seen many different suggestions, and most of them 
look bizarre, and it seems odd that something this important is so poorly-
documented. So help plz.

thanks in advance,


btw I am developing great dislike for CPanel and other "helpful" frontends. 
They make a gawdawful mess sometimes!
Carla Schroder
ace Linux nerd
author of Linux Cookbook,
Linux Networking Cookbook,
Book of Audacity

More information about the Techtalk mailing list