Re: Apache ssl as Default
On 2/16/07, Oded Arbel <[EMAIL PROTECTED]> wrote:
On Fri, 2007-02-16 at 00:27 +0200, Chaim Keren Tzion wrote:
> What is the recommended way to set up Apache2 so that all sites will default
> to ssl (https) even if entered as http?
>
> I don't want to have to set up a rewrite for each directory or virtual server.
I think you can get away with not setting any virtual host on the
standard port 80, and have mod_rewrite run there and produce redirects
on the same vhost and directory to the SSL virtual hosts.
Hey, that exactly what I was about to say.
I will remember this! And "I know (or will know) where you live"...
Anyway,
You can set this up using mod_rewrite.
Assuming your are using debian etch (because that's the right thing to do (TM))
Have the following in your /etc/apache2/apache2.conf file:
RewriteEngine On
#RewriteLog /var/log/apache2/rewrite.log
#RewriteLogLevel 10
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^/(.*)$ https://%{HTTP_HOST}/$1 [R=permanent,NS,L] #,PT
Then under each VirtualHost you to supply content via SSL only have
those two lines:
RewriteEngine On
RewriteOptions inherit
I have this setup on my vps. mx1.rfsee.net and vps.rfsee.net both
point to the same server. mx1 is set to deliver plain http, while vps
is configured to always use https:
http://mx1.rfsee.net/dokuwiki/doku.php?id=apache_always_use_https
http://vps.rfsee.net/dokuwiki/doku.php?id=apache_always_use_https
HTH
--
Oded
Maxim.
--
Cheers,
Maxim Veksler
"Free as in Freedom" - Do u GNU ?
=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
Re: Apache ssl as Default
On Fri, 2007-02-16 at 00:27 +0200, Chaim Keren Tzion wrote: > What is the recommended way to set up Apache2 so that all sites will default > to ssl (https) even if entered as http? > > I don't want to have to set up a rewrite for each directory or virtual server. I think you can get away with not setting any virtual host on the standard port 80, and have mod_rewrite run there and produce redirects on the same vhost and directory to the SSL virtual hosts. -- Oded ::.. "In the pitiful, multipage, connection-boxed form to which the flowchart has today been elaborated, it has proved to be useless as a design tool -- programmers draw flowcharts after, not before, writing the programs they describe." -- "The Mithical Man-Month" / Fred Brooks, Jr. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Apache ssl as Default
For defaulting Apache2 just configure it to listen on 443 on ports.conf (you might also like to delete "Listen 80" if you don't want non-encrypted HTTP connections, and turn SSLEngine On, on your host's configuration (or VirtualHost). (make sure that you have mod_ssl installed) If you want http connections to be automatically redirected to https, maybe this might help you http://apache.webthing.com/mod_proxy_html/ . good luck Chaim Keren Tzion wrote: What is the recommended way to set up Apache2 so that all sites will default to ssl (https) even if entered as http? I don't want to have to set up a rewrite for each directory or virtual server. TIA, Chaim Witty Quote as Signature Here = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Apache ssl as Default
What is the recommended way to set up Apache2 so that all sites will default to ssl (https) even if entered as http? I don't want to have to set up a rewrite for each directory or virtual server. TIA, Chaim Witty Quote as Signature Here = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
