Forcing SSL only connection

Say a site has SSL enabled. It's still possible to connect to non-SSL.

What's the best way to force incoming connections to apache on port 80 to go to the SSL port? Redirect somehow?

 

Try it with the following mod_rewrite rule

 

Seems to work. Will this prevent anyone trying to surf unencrypted though?

 

I woul say yes, cause in my tests in redirected / rewrote every access without http to https