SSL secured webstites or HTTPS has now become a must to have on website, especially those handling sensitive client information. Having a HTTPS enabled website means that a intruder can't intrude to communication between users & website.
HTTPS not only secures communication but is now a requirement for many new features like http2, which requires you to have https enabled on your server. Having a HTTPS enabled website also improves your Google SEO (Search Engine Optimization) ranking.
HTTPS uses a SSL certificate to secure your website, we have already discussed about SSL certificates in our previous tutorials HERE & HERE .
In this tutorial, we will discuss how we can move web server traffic to https i.e. traffic redirect http to https on Apache servers.
( Also Read : - Installing mod_pagespeed for Apache Webserver )
( Also Read:- How to install VARNISH for Apache Webserver )
We will be discussing three different methods to redirect all the web traffic i.e. redirect http to https. But before we do that let's see the files which we will use to make the redirection of http to https,
/etc/httpd/conf/httpd.conf (RHEL/CentOS)- If you have access to this & have defined the Apache hosts entries in httpd.conf, than use this file to define the redirection options. There can be another user defined location, for ex /etc/httpd/conf/virtual-hosts.conf. But there will be entry for the same in httpd.conf, like
include /virtual-hosts.conf
If you are using a custom location for defining the virtual hosts, than that's where you will make the redirection entry.
/etc/apache2/sites-available/test.com (Ubuntu)- This file is same as custom defined virtual hosts configuration file. If using Ubuntu, than make redirection entry to this file. Here test.com is the name of the website.
.htaccess- This file is used when handling a number of servers or when you don't have access to main configuration file like in case of wordpress installation but you can also use it on any case as well. This file is usually located in the root of the website.
All these files can be used to redirect traffic, so choose the file that's suitable to your needs.
Method 1 : Using Redirect
This method is pretty simple, make the following entry in virtual host config file (httpd.conf for CentOS/RHEL or test.com for Ubuntu),
<VirtualHost *:80>
ServerName test.com
<Location />
Redirect permanent / https://test.com/
</Location>
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
DocumentRoot /var/www/html/test.com
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/test.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/test.com.key
SSLCertificateChainFile /etc/apache2/ssl/test.com.ca-bundle
</VirtualHost>
If using .htaccess file, make the following entry to the file,
Redirect permanent / https://test.com/
Save the file & web server traffic redirect http to https would start working.
Method 2 : Using mod_rewrite
This is my personal favorite method. Here we will use mod_rewrite module to redirect the traffic to https. To use this method, make sure that we have mod_rewrite module enabled. To enable mod_rewrite module, open file 'httpd.conf' & make the following entry
For CentOS
$ vi /etc/httpd/conf/httpd.conf
LoadModule rewrite_module modules/mod_rewrite.so
For Ubuntu
$ sudo a2enmod rewrite
Restart the Apache service to implement the changes. Next make the following entry in the virtual host file ( httpd.conf for CentOS/RHEL or test.com for Ubuntu )
<VirtualHost *:80>
ServerName test.com
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
DocumentRoot /var/www/html/test.com
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/test.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/test.com.key
SSLCertificateChainFile /etc/apache2/ssl/test.com.ca-bundle
</VirtualHost>
For .htaccess file make the following entry to the file,
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Note:- Make sure that you are not duplicating 'RewriteEngine On' & that the 'RewriteCond' , 'RewriteRule' immediately follow 'RewriteEngine'.
Method 3 : Using PHP
Using this method, we can create a function to redirect traffic & call this function in the page when we need to redirect the traffic or on top of all the scripts. Use the following PHP code,
< ?php
function redirectTohttps() {
if($_SERVER[‘HTTPS’]!=”on”) {
$redirect= “https://”.$_SERVER[‘HTTP_HOST’].$_SERVER[‘REQUEST_URI’];
header(“Location:$redirect”); } }
?>
Before you use this code, make sure that SSL has been properly configured.
This was our tutorial on how we can redirect http to https for Apache webservers. If have any issues, please feel free to send in your comments/queries using the comment box below.
If you think we have helped you or just want to support us, please consider these :-
Connect to us: Facebook | Twitter | Google Plus
Donate us some of you hard earned money: [paypal-donation]
Linux TechLab is thankful for your continued support.
Please update with code snippets wrapped in “ or `
` tags and ensure curly quotes are disabled for those tags.
Good write-up. I definitely appreciate this site.
Stick with it!
Thanks
Hurrah! Finally I got a web site from where I know how to genuinely obtain useful
facts concerning my study and knowledge.
you got a very superb website, Gladiola I found it through yahoo.
In the first method there is no need to put the Redirect inside and tags.
You can simply use:
ServerName test.com
Redirect permanent / https://test.com/
I’d like to thank you for the efforts you’ve put in penning
this website. I really hope to view the same high-grade blog
posts from you later on as well. In truth, your creative writing abilities has motivated me to get my own website
now 😉
Right here is the right site for everyone who hopes to find out about this
topic. You realize a whole lot its almost hard to argue with you (not that I personally will need to…HaHa).
You certainly put a fresh spin on a topic that has been written about for decades.
Wonderful stuff, just great!