Tuncay Sahin

ICT Engineer | Docent ICT & Trainer

If you wish to redirect users from the non-secure site to the SSL site, you can use the RewriteEngine directive inside the non-secure VirtualHost in your configuration (vhost.conf) of apache web server:

#Ensure mod_rewrite.so module is loaded

LoadModule rewrite_module modules/mod_rewrite.so

 

<VirtualHost *:80>

ServerName www.domain.com

RewriteEngine On

 

RewriteCond %{HTTPS} !=on

#RewriteCond %{HTTPS} off

 

#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301]

RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]

 

</VirtualHost>

  • The RewriteEngine On directive  will enable the Rewrite capabilities.
  • The RewriteCond %{HTTPS} !=on directive checks to make sure the connection is not already HTTPS.

Make sure you that you already have preconfigured the VitualHost for 443 for the same ServerName (/etc/httpd/conf.d/ssl.conf):

LoadModule ssl_module modules/mod_ssl.so

Listen 443

 

<VirtualHost *:443>

ServerName www.domain.com

SSLEngine on

SSLCertificateFile /path/to/www.example.com.cert

SSLCertificateKeyFile /path/to/www.example.com.key

<Location/>

SSLRequireSSL

</Location>

</VirtualHost>

Require SSL for a sub-section

It’s possible to force HTTPS for a specific sub-section of a site instead of the entire site.
The rule below will redirect all users who are using any part of /secure/ to the same location but using HTTPS.

i.e.  http://www.example.com/secure/ to https://www.example.com/secure/

RewriteRule ^/?secure/(.*) https://%{SERVER_NAME}/secure/$1 [R,L]

Using the Redirect directive

You can also use the Redirect directive to pass to SSL.

NameVirtualHost *:80

<VirtualHost *:80>

ServerName mysite.example.com

Redirect permanent /secure https://mysite.example.com/secure

</VirtualHost>

Note: redirect can also be used inside .htaccess files

Meer informatie

Voor meer informatie of voor een persoonlijk adviesgesprek kunt u altijd vrijblijvend contact met mij opnemen.

E-Mail

info@tuncaysahin.nl