[Techtalk] implementing HTTPS-only sitewide
Veronica K. B. Olsen
jadzia626 at gmail.com
Wed Sep 5 08:23:05 UTC 2012
On 5 September 2012 07:32, Carla Schroder <carla at bratgrrl.com> wrote:
> howdy techtalkers,
>
> I need to figure out the best way to implement HTTPS for a client's site,
> and
> it's driving me buggy. It's Drupal 7 on Apache on CentOS 6. We have an SSL
> cert already installed. The problem I'm struggling with is how to
> implement it
> in a way that doesn't get in the way of site visitors; I have actually seen
> suggestions to force HTTPS only by closing port 80, and to serve up an
> error
> page for all HTTP requests that tells the user to type HTTPS. That is
> definitely not an option; it must be handled by the server.
>
> I'm thinking the cleanest way, from the perspective of site visitors, is to
> redirect all HTTP requests to HTTPS. Just force HTTPS sitewide. Then I
> don't
> have to worry about accidentally missing a page or a form. So how do I do
> this? In Apache? Drupal? I've seen many different suggestions, and most of
> them
> look bizarre, and it seems odd that something this important is so poorly-
> documented. So help plz.
>
> thanks in advance,
>
> Carla
>
> btw I am developing great dislike for CPanel and other "helpful" frontends.
> They make a gawdawful mess sometimes!
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Carla Schroder
> ace Linux nerd
> author of Linux Cookbook,
> Linux Networking Cookbook,
> Book of Audacity
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> _______________________________________________
> Techtalk mailing list
> Techtalk at linuxchix.org
> http://mailman.linuxchix.org/mailman/listinfo/techtalk
>
I have a private webserver set up with Ubuntu and Apache2.
I do pretty much what you're asking (I think). This is how I do it:
I have this bit added to /etc/apache2/sites-available/default
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</Directory>
This redirects all requests to Https.
–Veronica
More information about the Techtalk
mailing list