[Techtalk] implementing HTTPS-only sitewide
carla at bratgrrl.com
Wed Sep 5 05:32:58 UTC 2012
I need to figure out the best way to implement HTTPS for a client's site, and
it's driving me buggy. It's Drupal 7 on Apache on CentOS 6. We have an SSL
cert already installed. The problem I'm struggling with is how to implement it
in a way that doesn't get in the way of site visitors; I have actually seen
suggestions to force HTTPS only by closing port 80, and to serve up an error
page for all HTTP requests that tells the user to type HTTPS. That is
definitely not an option; it must be handled by the server.
I'm thinking the cleanest way, from the perspective of site visitors, is to
redirect all HTTP requests to HTTPS. Just force HTTPS sitewide. Then I don't
have to worry about accidentally missing a page or a form. So how do I do
this? In Apache? Drupal? I've seen many different suggestions, and most of them
look bizarre, and it seems odd that something this important is so poorly-
documented. So help plz.
thanks in advance,
btw I am developing great dislike for CPanel and other "helpful" frontends.
They make a gawdawful mess sometimes!
ace Linux nerd
author of Linux Cookbook,
Linux Networking Cookbook,
Book of Audacity
More information about the Techtalk