This has been done at r#1842437, and it's working fine. Thanks & Regards -- Deepak Dixit
On Mon, Oct 1, 2018 at 1:55 PM, Deepak Dixit <[email protected]> wrote: > Thanks Michael, > > I just discuss this with our sysadmin, and he suggests the same as your > solution :) > > Let me commit this. > > > Thanks & Regards > -- > Deepak Dixit > > > On Mon, Oct 1, 2018 at 1:45 PM, Michael Brohl <[email protected]> > wrote: > >> Hi Deepak, >> >> I would suggest >> >> === >> >> RewriteCond %{HTTPS} off >> RewriteRule ^\/?(.*)$ https://%{HTTP_HOST}/$1 [R=301,L] >> >> === >> >> >> 1st statement just checks if https is not active, independent of the >> ports used. >> >> 2nd statement does a 301 redirect telling Google that it is permanent. >> >> Regards, >> >> Michael >> >> >> Am 01.10.18 um 08:32 schrieb Deepak Dixit: >> >> Thanks Jacques, >>> >>> Following rule should work. >>> ============= >>> RewriteCond %{SERVER_PORT} 80 >>> RewriteRule ^(.*)$ https://ofbiz.apache.org/$1 [R,L] >>> ============= >>> >>> Please confirm if it looks good. >>> >>> Thanks & Regards >>> -- >>> Deepak Dixit >>> >>> >>> On Mon, Oct 1, 2018 at 11:45 AM, Jacques Le Roux < >>> [email protected]> wrote: >>> >>> That's quite a good idea Deepak >>>> >>>> Jacques >>>> >>>> >>>> >>>> Le 01/10/2018 à 07:30, Deepak Dixit a écrit : >>>> >>>> We have .htaccess file, we can write redirect rule in this file. >>>>> >>>>> Thanks & Regards >>>>> -- >>>>> Deepak Dixit >>>>> >>>>> >>>>> On Sun, Sep 30, 2018 at 3:51 PM, Ashish Vijaywargiya < >>>>> [email protected]> wrote: >>>>> >>>>> Few important articles from Google's official security blog site: >>>>> >>>>>> https://security.googleblog.com/2014/08/https-as-ranking-sig >>>>>> nal_6.html >>>>>> https://security.googleblog.com/2015/12/indexing-https- >>>>>> pages-by-default.html >>>>>> https://security.googleblog.com/2017/04/next-steps-toward- >>>>>> more-connection.html >>>>>> https://security.googleblog.com/2018/02/a-secure-web-is-here >>>>>> -to-stay.html >>>>>> >>>>>> Kind Regards >>>>>> Ashish Vijaywargiya >>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/> >>>>>> >>>>>> >>>>>> >>>>>> On Sun, Sep 30, 2018 at 3:31 PM Ashish Vijaywargiya < >>>>>> [email protected]> wrote: >>>>>> >>>>>> Thanks, Jacques, Please feel free to get it done and let me know if >>>>>> some >>>>>> >>>>>>> help is required from my side. Thanks! >>>>>>> >>>>>>> -- >>>>>>> Kind Regards >>>>>>> Ashish Vijaywargiya >>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/> >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Sun, Sep 30, 2018 at 1:38 PM Jacques Le Roux < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>> We can handle it ourselves. It's puppetised. The file is >>>>>>> >>>>>>>> infrastructure-puppet\data\roles\tlpserver.yaml at >>>>>>>> https://github.com/apache/infrastructure-puppet.git in >>>>>>>> >>>>>>>> origin/deployment >>>>>>> branch >>>>>>> >>>>>>>> OFBiz block is >>>>>>>> >>>>>>>> ofbiz: >>>>>>>> vhost_name: '*' >>>>>>>> port: 80 >>>>>>>> servername: 'www.ofbiz.org' >>>>>>>> docroot: '/www/ofbiz.apache.org' >>>>>>>> manage_docroot: false >>>>>>>> serveraliases: >>>>>>>> - 'ofbiz.org' >>>>>>>> serveradmin: '[email protected]' >>>>>>>> access_log_file: '/x1/logs/weblog.log' >>>>>>>> error_log_file: '/x1/logs/errorlog.log' >>>>>>>> custom_fragment: | >>>>>>>> Redirect permanent / http://ofbiz.apache.org/ >>>>>>>> UseCanonicalName On >>>>>>>> RewriteEngine On >>>>>>>> RewriteOptions inherit >>>>>>>> >>>>>>>> # bigfiles.ofbiz.org >>>>>>>> RewriteCond ${lowercase:%%{}{HTTP_HOST}} >>>>>>>> ^bigfiles(?:\.\w+)?\.ofbiz\.org$ >>>>>>>> RewriteRule (.*) http://ofbiz-bigfiles.apache.org/ [L] >>>>>>>> >>>>>>>> So we should add a ssl block and redirect http block to https as >>>>>>>> explained at https://wiki.apache.org/httpd/RedirectSSL >>>>>>>> >>>>>>>> We can do a PR for that. Then it's better with an INFRA Jira because >>>>>>>> >>>>>>>> it's >>>>>>> then seen and prioritised by the Infra team >>>>>>> >>>>>>>> Jacques >>>>>>>> >>>>>>>> >>>>>>>> Le 30/09/2018 à 08:03, Taher Alkhateeb a écrit : >>>>>>>> >>>>>>>> +1 >>>>>>>>> >>>>>>>>> I'm not sure any effort is needed from our side? We just need to >>>>>>>>> >>>>>>>>> coordinate >>>>>>>> >>>>>>>> with infra right? >>>>>>>>> >>>>>>>>> On Sun, Sep 30, 2018, 8:01 AM Ashish Vijaywargiya < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>> Hello Team, >>>>>>>>> >>>>>>>>>> I think we should put some effort and make it work like if some >>>>>>>>>> user >>>>>>>>>> >>>>>>>>>> hits >>>>>>>>> http://ofbiz.apache.org(default port http) then the user is >>>>>>>>> redirected to >>>>>>>>> https://ofbiz.apache.org(Secure port https) >>>>>>>>> >>>>>>>>>> For now, the user sees a message "Not Secure" in the Google Chrome >>>>>>>>>> >>>>>>>>>> browser >>>>>>>>> URL if the user comes to the official ofbiz website. This message >>>>>>>>> can >>>>>>>>> >>>>>>>>>> confuse the end user and he can move away if he is the new user >>>>>>>>>> >>>>>>>>>> visiting >>>>>>>>> the project website. >>>>>>>>> >>>>>>>>>> This issue can be easily addressed by setting up the apache >>>>>>>>>> >>>>>>>>>> redirects. >>>>>>>>> >>>>>>>> This >>>>>>> >>>>>>>> change will also help the project URLs from SEO point of view. >>>>>>>>> >>>>>>>>>> Please share your thoughts then we can plan the things >>>>>>>>>> accordingly. >>>>>>>>>> Thanks! >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> Kind Regards >>>>>>>>>> Ashish Vijaywargiya >>>>>>>>>> HotWax Systems - est. 1997 <http://www.hotwaxsystems.com/> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >> >> >
