Re: Apache ssl as Default
On 2/16/07, Oded Arbel <[EMAIL PROTECTED]> wrote: On Fri, 2007-02-16 at 00:27 +0200, Chaim Keren Tzion wrote: > What is the recommended way to set up Apache2 so that all sites will default > to ssl (https) even if entered as http? > > I don't want to have to set up a rewrite for each directory or virtual server. I think you can get away with not setting any virtual host on the standard port 80, and have mod_rewrite run there and produce redirects on the same vhost and directory to the SSL virtual hosts. Hey, that exactly what I was about to say. I will remember this! And "I know (or will know) where you live"... Anyway, You can set this up using mod_rewrite. Assuming your are using debian etch (because that's the right thing to do (TM)) Have the following in your /etc/apache2/apache2.conf file: RewriteEngine On #RewriteLog /var/log/apache2/rewrite.log #RewriteLogLevel 10 RewriteCond %{SERVER_PORT} ^80$ RewriteRule ^/(.*)$ https://%{HTTP_HOST}/$1 [R=permanent,NS,L] #,PT Then under each VirtualHost you to supply content via SSL only have those two lines: RewriteEngine On RewriteOptions inherit I have this setup on my vps. mx1.rfsee.net and vps.rfsee.net both point to the same server. mx1 is set to deliver plain http, while vps is configured to always use https: http://mx1.rfsee.net/dokuwiki/doku.php?id=apache_always_use_https http://vps.rfsee.net/dokuwiki/doku.php?id=apache_always_use_https HTH -- Oded Maxim. -- Cheers, Maxim Veksler "Free as in Freedom" - Do u GNU ? = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Apache ssl as Default
On Fri, 2007-02-16 at 00:27 +0200, Chaim Keren Tzion wrote: > What is the recommended way to set up Apache2 so that all sites will default > to ssl (https) even if entered as http? > > I don't want to have to set up a rewrite for each directory or virtual server. I think you can get away with not setting any virtual host on the standard port 80, and have mod_rewrite run there and produce redirects on the same vhost and directory to the SSL virtual hosts. -- Oded ::.. "In the pitiful, multipage, connection-boxed form to which the flowchart has today been elaborated, it has proved to be useless as a design tool -- programmers draw flowcharts after, not before, writing the programs they describe." -- "The Mithical Man-Month" / Fred Brooks, Jr. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Apache ssl as Default
For defaulting Apache2 just configure it to listen on 443 on ports.conf (you might also like to delete "Listen 80" if you don't want non-encrypted HTTP connections, and turn SSLEngine On, on your host's configuration (or VirtualHost). (make sure that you have mod_ssl installed) If you want http connections to be automatically redirected to https, maybe this might help you http://apache.webthing.com/mod_proxy_html/ . good luck Chaim Keren Tzion wrote: What is the recommended way to set up Apache2 so that all sites will default to ssl (https) even if entered as http? I don't want to have to set up a rewrite for each directory or virtual server. TIA, Chaim Witty Quote as Signature Here = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Apache ssl as Default
What is the recommended way to set up Apache2 so that all sites will default to ssl (https) even if entered as http? I don't want to have to set up a rewrite for each directory or virtual server. TIA, Chaim Witty Quote as Signature Here = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]