Apache - how to make http requests into https only?

Question

How to tell if http://ttt.com or http://www.ttt.com is used by the user, redirect it to https://www.ttt.com ?

httpd.conf:

<VirtualHost *:80>
 ServerName www.ttt.com
 ServerAlias ttt.com
 DocumentRoot /home/www/html/ttt/public
 <Directory /home/www/html/ttt/public>
    #Options ExecCGI
    #AddDefaultCharset utf-8
    DirectoryIndex index.php
    AllowOverride All
    Order allow,deny
    Allow from all
 </Directory>
</VirtualHost>

.htaccess :

RewriteEngine On
############################################
## always send 404 on missing files in these folders
#RewriteCond %{REQUEST_URI} !^/(files)/
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ index.php [NC,L]

Not duplicate. Zend Framework 2 is used already, the one you reference is not working (already tried) — , May 04 '16 at 15:34
@YumYumYum: Can you clarify what is not working with suggested answers by starkeen? — anubhava, May 04 '16 at 15:37
https://paste.fedoraproject.org/362573/23763341/ - i am getting this ERROR when i use Zend Framework 2 with .htaccess — , May 04 '16 at 15:39
@starkeen: please NOTE its not same question. i am in different environment using Zend Framework which already have its own .htaccess requirement. See the configuration which is working from "here link" — , May 04 '16 at 15:55
@YumYumYum the accepted answer is same as the other answers on the duplicate question. Do you still think this isnt..? — Amit Verma, May 04 '16 at 16:20

Mohammed Elhag · Accepted Answer · 2018-04-05T01:52:03.463

2

Try the following Code at the main directory .htaccess file :

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R]

edited Apr 05 '18 at 01:52

answered May 04 '16 at 15:44

Mohammed Elhag

4,272
1
10
18

Not working. when i type `http://www.example.com` its going to `https://www.example.com` when i type `http://example.com` its going to `https://example.com` instead of `https://www.example.com`, when i type `http://www.example.com/contactus` its failing to find a page by moving to `https://www.example.com/contactus` even the page is there. – May 04 '16 at 15:51
1

it work for me fine , restart your server and empty cache & cookies from browser and try it again – Mohammed Elhag May 04 '16 at 15:53
I just did 50 times restart Apache, Can you check why its not working? `http://example.org` not getting into `https://www.example.org` – May 04 '16 at 16:04
1

Just replace the line RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R] with RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R] – Mohammed Elhag May 04 '16 at 16:05
http://paste.ubuntu.com/16220428/ - please see this is still not working when i try with Google chrome, Opera latest version for example: `http://example.org` is not going to `https://www.example.org` but the rest is working. – May 04 '16 at 16:13
1

remove the history cookies & cache from chrome browser – Mohammed Elhag May 04 '16 at 16:14
Remove cache, cookies, uninstalled opera, firefox, chromium, google chrome. But still same. – May 04 '16 at 16:20
Problem is solved. Its very complicated but solved. Basically its happening cause i use Zend Framework 2, where i need already another .htaccess to handle the php files. and then additionally i need to do redirection of http:// or http://www – May 04 '16 at 16:30

theGiallo · Answer 2 · 2016-05-04T15:57:02.843

Here you go: https://wiki.apache.org/httpd/RedirectSSL

Redirect Request to SSL

Let's say you want http://www.example.com/secure/ to always be sent over SSL (I presume here that both the normal and the SSL vhost have the same content). You could do this by linking to the correct page from within your HTML pages... but there will always be some user who will sneak by it that way.

Using virtual hosts (using redirect)

When using SSL, you will frequently have at least two virtual hosts: one on port 80 to serve ordinary requests, and one on port 443 to serve SSL. If you wish to redirect users from the non-secure site to the SSL site, you can use an ordinary Redirect directive inside the non-secure VirtualHost:
NameVirtualHost *:80
<VirtualHost *:80>
   ServerName mysite.example.com
   DocumentRoot /usr/local/apache2/htdocs
   Redirect permanent /secure https://mysite.example.com/secure
</VirtualHost>

<VirtualHost _default_:443>
   ServerName mysite.example.com
   DocumentRoot /usr/local/apache2/htdocs
   SSLEngine On
# etc...
</VirtualHost>
When redirecting everything you don't even need a DocumentRoot:
NameVirtualHost *:80
<VirtualHost *:80>
   ServerName www.example.com
   Redirect permanent / https://secure.example.com/
</VirtualHost>

<VirtualHost _default_:443>
   ServerName secure.example.com
   DocumentRoot /usr/local/apache2/htdocs
   SSLEngine On
# etc...
</VirtualHost>
Note: redirect can also be used inside .htaccess files or to address particular URLs, as in:

Example:

Redirect permanent /login https://mysite.example.com/login

Using mod_rewrite

While the solution is recommended because it is simpler and safer, you can also use mod_rewrite to get the same effect as described here: RewriteHTTPToHTTPS

From https://httpd.apache.org/docs/trunk/mod/mod_alias.html#redirect:

# Redirect to a URL on a different host Redirect "/service" "http://foo2.example.com/service"

# Redirect to a URL on the same host Redirect "/one" "/two"
If the client requests http://example.com/service/foo.txt, it will be told to access http://foo2.example.com/service/foo.txt instead. This includes requests with GET parameters, such as http://example.com/service/foo.pl?q=23&a=42, it will be redirected to http://foo2.example.com/service/foo.pl?q=23&a=42. Note that POSTs will be discarded. Only complete path segments are matched, so the above example would not match a request for http://example.com/servicefoo.txt. For more complex matching using the expression syntax, omit the URL-path argument as described below. Alternatively, for matching using regular expressions, see the RedirectMatch directive.

If you want both the www.example.com/* and the example.com/* to be redirected you could make two VirtualHost with different ServerName or you can use the Rewrite plugin.

I need to put any url http://theGiallo.com or http://www.theGiallo.com or http://theGiallo.com/contact into https://www.theGiall.com/.. — , May 04 '16 at 15:41
`Redirect permanent / https://example.org/` does this line convert all the pages? such as if the page is `/page1` will it move to `https://example.org/page1`? — , May 04 '16 at 15:43
ITS NOT WORKING. only the page www.example.org when i visit going to https://www.example.org but when i type www.example.org/test it does not find the page and throwing error page not found — , May 04 '16 at 15:48

score 1 · Answer 3 · answered May 04 '16 at 15:47

1

You can do it from the httpd.conf with the following:

<VirtualHost *:80>
    ServerName www.ttt.com
    Redirect "/" "https://www.ttt.com/"
</VirtualHost>

<VirtualHost *:443>
    ServerName www.ttt.com
    ...
    ...
</VirtualHost>

Or from the .htaccess file:

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

answered May 04 '16 at 15:47

Nathan Dixon

53
1
7

Not working, please see the comment: http://stackoverflow.com/a/37032433/285594 – May 04 '16 at 15:51

Apache - how to make http requests into https only?

3 Answers3

Redirect Request to SSL

Using virtual hosts (using redirect)

Using mod_rewrite

Linked