[Techtalk] implementing HTTPS-only sitewide
Carla Schroder
carla at bratgrrl.com
Wed Sep 5 18:55:56 UTC 2012
On Wednesday, September 05, 2012 11:35:44 AM Maria McKinley wrote:
> > I have a private webserver set up with Ubuntu and Apache2.
> > I do pretty much what you're asking (I think). This is how I do it:
> >
> > I have this bit added to /etc/apache2/sites-available/default
> >
> > <Directory /var/www/>
> >
> > Options Indexes FollowSymLinks MultiViews
> > AllowOverride None
> > Order allow,deny
> > allow from all
> > RewriteEngine On
> > RewriteCond %{HTTPS} off
> > RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
> >
> > </Directory>
> >
> > This redirects all requests to Https.
> >
> > –Veronica
>
> This is approximately what I was going to say. For some reason the
> RewriteCon and Rewrite rule are often in .htaccess, but I've never
> understood why.
I like this approach. I used something like this back in the dark ages, when
Apache was simple and blink tags roamed the earth :) I don't understand
putting this stuff in .htaccess either, which I have seen in a number of
howtos.
Thanks!
Carla
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Carla Schroder
ace Linux nerd
author of Linux Cookbook,
Linux Networking Cookbook,
Book of Audacity
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More information about the Techtalk
mailing list