RE: [users@httpd] http-https [EXT]

Wed, 12 Aug 2020 02:57:42 -0700 

Add also remember to add the HSTS headers

Header always set Strict-Transport-Security "max-age=63072000; 
includeSubDomains; preload"

{only put includeSubDomains & preload if you can} this stops the client sending 
further HTTP requests but only HTTPS {most web servers}

This can stop the plain text password issue...


From: Jim Albert <[email protected]>
Sent: 11 August 2020 15:07
To: [email protected]
Subject: Re: [users@httpd] http-https [EXT]

On 8/11/2020 3:00 AM, MEjaz wrote:
Hello,.

I have requirement to redirect the url. Whoever typed my site 
http://newtraffic.cyberia.net.sa 
[newtraffic.cyberia.net.sa]<https://urldefense.proofpoint.com/v2/url?u=http-3A__newtraffic.cyberia.net.sa&d=DwMD-g&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=u_JqEjDWgo-OocL30p2adrqMP2ANeNzVGM00nEb2SGw&s=pwH-t5l78trs4NhuTkbW_6At5rheFwUfObRpuI3RYjI&e=>
 , it should redirect to https://newtraffic.cyberia.net.sa 
[newtraffic.cyberia.net.sa]<https://urldefense.proofpoint.com/v2/url?u=https-3A__newtraffic.cyberia.net.sa&d=DwMD-g&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=u_JqEjDWgo-OocL30p2adrqMP2ANeNzVGM00nEb2SGw&s=KphJ7NJgAkY4K77U__kmooopvQ8L0ZTP6kNRWE06UXM&e=>

I am bit struggling to achieve this. please assit

Ejaz


As long as the request is staying on the same server, mod_rewrite is a good use 
for this and I believe avoids another request as in a redirect.
The following 3 lines would go in your httpd.conf file.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) MailScanner has detected a possible fraud attempt from "%" 
claiming to be https://% 
[%]<https://urldefense.proofpoint.com/v2/url?u=https-3A__-25&d=DwMD-g&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=u_JqEjDWgo-OocL30p2adrqMP2ANeNzVGM00nEb2SGw&s=JHn6HqEcexneHcW_Odljb9BQOM1USP7CjXGEHkEtitc&e=>{SERVER_NAME}$1
 [L,R=302]

https://httpd.apache.org/docs/current/mod/mod_rewrite.html 
[httpd.apache.org]<https://urldefense.proofpoint.com/v2/url?u=https-3A__httpd.apache.org_docs_current_mod_mod-5Frewrite.html&d=DwMD-g&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=u_JqEjDWgo-OocL30p2adrqMP2ANeNzVGM00nEb2SGw&s=9KhRrRpZ6Rb0u_hYOPYk05kX7QhDnWdXStTv2j3hDiA&e=>

This assumes you want all http traffic handled via https and not just the root 
of your site.

Change the 302 (temporary) to 301 (permanent) once you know things are working 
as you like.

Jim







-- 
 The Wellcome Sanger Institute is operated by Genome Research 
 Limited, a charity registered in England with number 1021457 and a 
 company registered in England with number 2742969, whose registered 
 office is 215 Euston Road, London, NW1 2BE.

Reply via email to