Http To Https Apache

broken image


  • Chrome and Firefox have started showing insecure warnings on sites without SSL certificates. Without SSL, your website will show insecure to the visitors. Therefore, using an SSL-encrypted connection for safety, accessibility or PCI compliance reasons is necessary. It becomes very important to redirect from HTTP to HTTPS.
  • Environment Centos with apache Trying to setup automatic redirection from http to https From manage.mydomain.com - To -> I have tried adding.

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

The increasing adoption of HTTPS as the default connection protocol for websites has introduced a few new challenges to developers and system administrators, such as the need to consolidate a canonical domain by redirecting non-HTTP sites to HTTPS, in addition to redirecting www to non-www host name (or vice-versa).

Introduction

Here I show how to redirect a site from www to non-www (or viceversa) and from HTTP to HTTPS, using the Apache server configuration. To be more clear, the configuration will redirect the following host names:

to

I'll also show a small change to redirect the non-www to the www version, if you prefer the www.

Apache Configuration

To configure the redirects, add the following redirect rule either to the Apache config file if you have access to it, or to the .htaccess in the root of your site:

If instead of example.com you want the default URL to be www.example.com, then simply change the third and the fifth lines:

How it works

Since I'm not a huge fan of cut-and-paste tutorials, let's try to understand how the configuration works. That would help you to make the necessary modifications, if needed.

The first line enables the Apache runtime rewriting engine, required to perform the redirect. You may have already enabled it in a previous config in the same file. If that's the case, you can skip that line.

These two lines are are the redirect conditions, they are used to determine if the request should be redirected. Because the conditions are joined with an [OR], if any of those two conditions returns true, Apache will execute the rewrite rule (the redirect).

The first condition determines if the request is using a non-HTTPS URL. The second condition determines if the request is using the www URL. Notice that I used www. and not www., because the pattern is a regular expression and the . dot has a special meaning here, hence it must be escaped.

The forth line is a convenient line I used to avoid referending the hostname directly in the URL. It matches the HOST of the incoming request, and decomposes it into www part (if any), and rest of the hostname. We'll reference it later with %1 in the RewriteRule.

If you know the host name in advance, you may improve the rule by inlining the URL and skipping this condition (see later).

The RewriteRule is the heart of the redirect. With this line we tell Apache to redirect any request to a new URL, composed by:

Http
  • https://www.
  • %1: the reference to the non-www part of the host
  • %{REQUEST_URI}: the URI of the request, without the hostname

All these tokens are joined together, and represents the final redirect URI. Finally, we append 3 flags:

  • NE to not escape special characters
  • R=301 to use the HTTP 301 redirect status
  • L to stop processing other rules, and redirect immediately

Remarks

As I've already mentioned, my example uses an extra RewriteCond line to extract the host name, and avoid to inline the hostname in the rule. If you feel this is a performance penalty for you, you can inline the host directly in the rule:

Apache Http To Https Rewrite

Conclusion

This articles provides a simple configuration to redirect www and non-HTTPS requests to the canonical site domain. This is very useful to avoid content duplication issues with search engines, and offer an improved experience to your users.

Apache

If you search online there are dozens of ways to perform a redirect in Apache, this is just one of the possibilities and it may not cover all the possible cases. Hopefully, with the explanation in the How it works section you will be able to customize it to your needs.

Webmasters and students may want to learn how to redirect an old domain to a new one or one sub-domain to another or HTTP to HTTPS… For example, with Apache2 redirect modules, one can redirect http//example.net to http://example.com or http://www.example.com to http://example.com or http://example.com to https://example.com

This brief tutorial is going to show students and new users how to set up Apache2 directs easily… the method below can also be used with switching your HTTP domain to HTTPS…

Https

When you're ready to configure Apache2 directs, continue below:

Step 1: Install / Configure Apache2 HTTPS

To configure Apache2 to redirect all traffic to HTTPS, you must configure and enable its SSL modules.. The post below shows you how to install and configure Apache2 to communicate over HTTPS… however, both HTTP and HTTPS are enabled… the method below will show you how to redirect all traffic to the server to use HTTPS only..

Step 2: Redirect Apache2 HTTP to HTTPS

Our post above set up Apache2 to communicate over both HTTP and HTTPS… however, in today's environment, it's recommended to choose one type of protocol and redirect the other to it..

For example, you should redirect all HTTP (80) to HTTPS (443). To do that, add the highlighted portion of the code to your Apache2 site configuration file…

Run the commands below to open Apache2 default site configuration file..

sudo nano /etc/apache2/sites-available/000-default.conf

Then add the highlighted portion to the bottom of the file.

Redirect to same domain on HTTPS only

The configuration above redirect all requests to use HTTPS only to communicate with the server with domain name example.com. So, http://example.com and http://www.example.com will be redirect to https://example.com

Step 3: Redirect Old Domain to New

Https Apache Server

If you want to redirect from an old domain to a new one, the setting below should help you do that… For this setup, HTTPS isn't required… Run the commands below to open Apache2 default site configuration file.

Http To Https Apache Redirect

Apache http to https redirect
  • https://www.
  • %1: the reference to the non-www part of the host
  • %{REQUEST_URI}: the URI of the request, without the hostname

All these tokens are joined together, and represents the final redirect URI. Finally, we append 3 flags:

  • NE to not escape special characters
  • R=301 to use the HTTP 301 redirect status
  • L to stop processing other rules, and redirect immediately

Remarks

As I've already mentioned, my example uses an extra RewriteCond line to extract the host name, and avoid to inline the hostname in the rule. If you feel this is a performance penalty for you, you can inline the host directly in the rule:

Apache Http To Https Rewrite

Conclusion

This articles provides a simple configuration to redirect www and non-HTTPS requests to the canonical site domain. This is very useful to avoid content duplication issues with search engines, and offer an improved experience to your users.

If you search online there are dozens of ways to perform a redirect in Apache, this is just one of the possibilities and it may not cover all the possible cases. Hopefully, with the explanation in the How it works section you will be able to customize it to your needs.

Webmasters and students may want to learn how to redirect an old domain to a new one or one sub-domain to another or HTTP to HTTPS… For example, with Apache2 redirect modules, one can redirect http//example.net to http://example.com or http://www.example.com to http://example.com or http://example.com to https://example.com

This brief tutorial is going to show students and new users how to set up Apache2 directs easily… the method below can also be used with switching your HTTP domain to HTTPS…

When you're ready to configure Apache2 directs, continue below:

Step 1: Install / Configure Apache2 HTTPS

To configure Apache2 to redirect all traffic to HTTPS, you must configure and enable its SSL modules.. The post below shows you how to install and configure Apache2 to communicate over HTTPS… however, both HTTP and HTTPS are enabled… the method below will show you how to redirect all traffic to the server to use HTTPS only..

Step 2: Redirect Apache2 HTTP to HTTPS

Our post above set up Apache2 to communicate over both HTTP and HTTPS… however, in today's environment, it's recommended to choose one type of protocol and redirect the other to it..

For example, you should redirect all HTTP (80) to HTTPS (443). To do that, add the highlighted portion of the code to your Apache2 site configuration file…

Run the commands below to open Apache2 default site configuration file..

sudo nano /etc/apache2/sites-available/000-default.conf

Then add the highlighted portion to the bottom of the file.

Redirect to same domain on HTTPS only

The configuration above redirect all requests to use HTTPS only to communicate with the server with domain name example.com. So, http://example.com and http://www.example.com will be redirect to https://example.com

Step 3: Redirect Old Domain to New

Https Apache Server

If you want to redirect from an old domain to a new one, the setting below should help you do that… For this setup, HTTPS isn't required… Run the commands below to open Apache2 default site configuration file.

Http To Https Apache Redirect

sudo nano /etc/apache2/sites-available/000-default.conf

Then add the highlighted portion to the bottom of the file.

Redirect old domain to new domain

The above code added to your Apache2 site configuration file will redirect an old domain to a new one without HTTPS…. the highlighted code above redirects http://example.net and http://www.example.net to http://example.com

After making the changes above, run the commands below to test your settings and enable Apache2 rewrite and SSL modules.

If you don't see any error messages then you're good. Restart Apache2 web server by running the commands below.

sudo systemctl restart apache2.service

Redirect Http To Https Apache2 Ubuntu

That's it! This is how to configure Apache2 HTTP 301 redirects

~Enjoy~

Redirect Http To Https Apache Xampp

You may also like the post below:





broken image
Previous
Next
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save