http to https redirection

Discussion in 'General' started by neutrino, Mar 19, 2010.

  1. neutrino

    neutrino Member

    Hello,

    I'm currently trying to redirect the url http://mail.server.com to https://mail.server.com

    I've tried all the options in ISPCONFIG (no flag, R, L, RL) and none off them actually work, Firefox / IE / Opera, there is no browser that accepts the rewrite rule.

    The code produced by ispconfig is the next one :

    RewriteEngine on
    RewriteCond %{HTTP_HOST} ^mail.server.com [NC]
    RewriteRule ^/(.*)$ https://mail.server.com/$1 [R,L]


    What I want to do, is to replace the ISPconfig code with something that works like :

    RewriteEngine on
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]


    Problem is, each time I'll perform a change on the site, my code will be erased by the standard ispconfig code.

    How can I change this ? I suppose I have to change some master code of ISPconfig, but I don't really like that idea, because it always causes trouble when updating to a new version.

    Can a fix be expected in a future version of ISPconfig maybe ?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Just add the lines:

    RewriteEngine on
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

    in the apache directives field of the website settings and click on save.
     
    inside83 and CreeWarrior like this.
  3. neutrino

    neutrino Member

    That works perfectly well, I forgot that option !

    Thanks a lot till :)
     
  4. Appie Thrasher

    Appie Thrasher Member HowtoForge Supporter

    Does this work for all or must I chance something in those lines?
    I want to use https://webmail.mydomain.com all the time somebody uses web-mail.
     
  5. Hans

    Hans Moderator ISPConfig Developer

    Yes that works, and also:

    Code:
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
     
  6. Appie Thrasher

    Appie Thrasher Member HowtoForge Supporter

    Witch one is the preferred way to do it?
     
  7. Unfaiir

    Unfaiir Member

    Feature Request: ModRewrite Is Not Optimal For This

    Is there any chance that the option to make a whole site SSL only can be added to ISPConfig 3 in a future release?

    Having this written into the vhost file is not only the "proper" way to do it but also would be a performance gain:

    Code:
    <VirtualHost *:80>
       ServerName www.example.com
       Redirect permanent / https://example.com
    </VirtualHost>
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    No need to edit or create a vhost file as you can do this from within ispconfig. Go to the sites module, edit the website and go to the options tab and enter the following lines in the apache directives field:

    Code:
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    and press save.
     
    djbill and CreeWarrior like this.
  9. Unfaiir

    Unfaiir Member

    That works too.

    I wasn't suggesting that anyone modify the vhost directly I'm just making a feature request for a site option that basically says "Hey ISPConfig, I want this entire site to be SSL only".

    Having that option would allow ISPConfig to then automatically write that very simple *:80 vhost entry, which not only handles the SSL only part, but also eliminates a full fledged *:80 vhost entry that never gets used but still has to get loaded into memory. This would also eliminate any need for adding any redirects by the user.

    Not a crucial feature request or anything, but it would be nice. :cool:
     
  10. lovendo

    lovendo New Member

    Up, that's a really good request. Any news?
     
  11. davidak

    davidak New Member

    This don't work.

    I get redirected to SSL /php5-fcgi/index.php

    PHP is handled through FPM.
     
  12. CreeWarrior

    CreeWarrior Member

    This worked perfectly Thanks Till
     
  13. CreeWarrior

    CreeWarrior Member

    This one is the correct one

    On the above post i made notice the code is different and would only work if you typed in http://yourdomain.com which would bring your to https://yourdomain.com. However if someone were to type yourdomain.com into the address bar you would still get the regular unecrypted website
     
  14. Viper_iii

    Viper_iii Member

    Using the code above - still doesn't work if I directly type www.domain.com into the address bar..
    works great for domain.com but not www.domain.com...
    checking what I'd have to edit to get the www - working - or I'm doing it wrong - which is also extremely possible!

    went back and used Mod's example below and it worked perfectly - tried couple days ago but didn't - again was me!
    Code:
    RewriteEngine on
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
     
  15. webonoid

    webonoid New Member

    Hello,
    I have followed all the tips and procedures provided in this forum for http to https redirect. But have not been able to resolve the issue of my site not opening without https. Please suggest.
     
  16. sjau

    sjau Local Meanie Moderator

    Better to use redirect than rewrite:
    https://wiki.apache.org/httpd/RedirectSSL

    Code:
    <If "%{HTTPS} == 'off'">
    Redirect permanent / https://domain.tld/
    </If>
    
    And you could also add HSTS:
    Code:
    <If "%{HTTPS} == 'on'">
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
    </If>
    
     
  17. Hi , I'm using latest ISPconfig 3.1.3 and got Lets Encrypt to work on the server and if I go to https://www.exsample.com I get the https with padlock and all. I tick in the redirect to https box in web sites redirect tab, it works for some sites not all, I've tried all above methods on those webs that do not redirect reliably with out any luck.
    I'm running out of ideas what to try and would appriciate suggestions.
     
  18. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    Check if the sites that don't redirect have a vhosts.err file created for them, ie. a syntax error when the web server tries to read those files. If not, check the vhosts file of some of them to see if the redirect statements are there, and maybe post one of them here.
     
  19. Hi yes it seems that these sites have generated .vhost.err files her is the redirect part from site fuglar.is out of the .err file:

    RewriteEngine on
    RewriteCond %{REQUEST_URI} ^/\.well-known/acme-challenge/
    RewriteRule ^ - [END]
    RewriteCond %{HTTP_HOST} ^fuglar\.is$ [NC]
    RewriteRule ^(.*)$ http://www.fuglar.is$1 [R=301,NE,L]
    RewriteCond %{HTTP_HOST} ^wp\.fuglar\.is$ [NC]
    RewriteRule ^(.*)$ http://www.wp.fuglar.is$1 [R=301,NE,L]
    RewriteCond %{HTTP_HOST} ^wp\.fuglar\.is$ [NC]

    RewriteRule ^/(.*)$ http://www.fuglar.is [R]

    RewriteCond %{HTTP_HOST} ^www\.wp\.fuglar\.is$ [NC]

    RewriteRule ^/(.*)$ http://www.fuglar.is [R]

    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    I'm just thinkig if it has to do with the seo redirect fuglar.is -> www.fuglar.is ?
    site works fine as https just will not redirect to it.
    let me just admit that I'm not the best in regexp and re-directions so I tend to use fancy stuff like ISPconfig and/or online redirect generators to do stuff I really do not know sufficiently.
     
  20. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    The .err file is not used by the webserver, it is a failed config update for that vhost - ie. ispconfig tried to use that config and it did not work, so it left it there and renamed as .err to examine. So your actual redirect problem is not in that file, it's in the .vhost file; you should troubleshoot why the .err file is being created and fix that first - it's possible the redirect issue will also clear up by doing so. If there's still an issue afterwards, then pick up troubleshooting the redirects as above.

    You might check all the custom 'Apache Directives' for your sites and make sure they're either clear or not causing a problem (eg. temporarily comment out). You can rename the .err file to the normal filename and restart the web server to see what error is generated (ie. what problem caused the .err file).
     

Share This Page