[Techtalk] implementing HTTPS-only sitewide

Veronica K. B. Olsen jadzia626 at gmail.com
Wed Sep 5 08:23:05 UTC 2012

On 5 September 2012 07:32, Carla Schroder <carla at bratgrrl.com> wrote:

> howdy techtalkers,
> I need to figure out the best way to implement HTTPS for a client's site,
> and
> it's driving me buggy. It's Drupal 7 on Apache on CentOS 6. We have an SSL
> cert already installed. The problem I'm struggling with is how to
> implement it
> in a way that doesn't get in the way of site visitors; I have actually seen
> suggestions to force HTTPS only by closing port 80, and to serve up an
> error
> page for all HTTP requests that tells the user to type HTTPS. That is
> definitely not an option; it must be handled by the server.
> I'm thinking the cleanest way, from the perspective of site visitors, is to
> redirect all HTTP requests to HTTPS. Just force HTTPS sitewide. Then I
> don't
> have to worry about accidentally missing a page or a form. So how do I do
> this? In Apache? Drupal? I've seen many different suggestions, and most of
> them
> look bizarre, and it seems odd that something this important is so poorly-
> documented. So help plz.
> thanks in advance,
> Carla
> btw I am developing great dislike for CPanel and other "helpful" frontends.
> They make a gawdawful mess sometimes!
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Carla Schroder
> ace Linux nerd
> author of Linux Cookbook,
> Linux Networking Cookbook,
> Book of Audacity
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> _______________________________________________
> Techtalk mailing list
> Techtalk at linuxchix.org
> http://mailman.linuxchix.org/mailman/listinfo/techtalk

I have a private webserver set up with Ubuntu and Apache2.
I do pretty much what you're asking (I think). This is how I do it:

I have this bit added to /etc/apache2/sites-available/default

<Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride None
    Order allow,deny
    allow from all
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

This redirects all requests to Https.


More information about the Techtalk mailing list