I have a website which must be served _only_ over HTTPS. However, I serve pretty stupid users, so disabling port 80 is not ideal due to the 10 calls a day of "the site is down!". Rather, I want to redirect any and all requests, for any URL on this site, to the very same URL but using HTTPS. Below are the relevant parts of my httpd.conf:
<Directory "/var/www/apollo.paiz.org">
Options FollowSymLinks
AllowOverride All
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://apollo.paiz.org/$1 [R,L,NC]
Order allow,deny
Allow from all
</Directory>
Will a simple redirect work?
Redirect permanent / https://apollo.paiz/org
Thanks for the response, Bill. Unfortunately a simple redirect will not work, since the point is to force all requests to be over HTTPS. As it stands, the first time someone comes to the site they will get redirected to HTTPS, but if they ask for any other page directly they will happily continue using unsecured HTTP.
My hope is to take _any_ requested URL and rewrite "http://"; to "https://"; while keeping the rest of the URL intact. That way I can be sure that any page, no matter what, will always get sent out encrypted, and non-technical users are not "locked out" while they remember to add that "s", which just might be never.
I can't believe this is so hard, or that no one has ever done it. However, for the life of me I can't figure out what I did wrong; and three hours of Google gave no joy either.
-- Rodolfo J. Paiz [EMAIL PROTECTED]
-- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
