Thursday, July 3, 2008

Ways to Force HTTPS on HTTP

  1. Add this to your httpd.conf:
    SSLRequire %{HTTP_HOST} eq ""
  2. Or try this:
    # Turn on Rewriting
    RewriteEngine on 
    # Apply this rule If request does not arrive on port 443
    RewriteCond %{SERVER_PORT} !443 
    # RegEx to capture request, URL to send it to (tacking on the captured text, stored in $1), Redirect it, and this is last rule.
    RewriteRule ^(.*)$$1 [R,L]
  3. Append the following line to httpd.conf:
    Redirect permanent /
  4. Or try this:
        Redirect permanent /
  5. Add the following lines to .htaccess:
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    Make sure you have this line in your httpd.conf file:
    LoadModule rewrite_module modules/
  6. Or try this:
    RewriteEngine On
    RewriteCond %{SERVER_PORT} 80
    RewriteRule ^(.*)$$1 [R,L]
Note: Restart Apache for new configuration to take effect.
$ /etc/init.d/httpd restart