Use apache to redirect website and subdomains to https

Discussion in 'ISPConfig 3 Priority Support' started by unsichtbare, Aug 8, 2017.

  1. unsichtbare

    unsichtbare Member HowtoForge Supporter

    My site needs to use HTTPS so I am using the apache directive
    • Header always add Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"
    and there are subdomains. Right now I use a meta refresh on the 400.html error page to redirect to https.
    What's the best way to redirect the entire site to HTTPS with Apache?
    THX
     
    unsichtbare, Aug 8, 2017
    #1
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Use the http to https redirect option on the redierct tab of the website. But strict transport might still cause issues, you might have to test it. If the strict transport kicks in before redirects happen in apache, then you can't do a redirect without errors.
     
    till, Aug 8, 2017
    #2
  3. unsichtbare

    unsichtbare Member HowtoForge Supporter

    Yep, errors.
    Can I apply the redirect under apache directives section of the website?
     
    unsichtbare, Aug 8, 2017
    #3
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    You may try that but I expect the same result.
     
    till, Aug 8, 2017
    #4
  5. unsichtbare

    unsichtbare Member HowtoForge Supporter

    Thanks for the advice. I placed:
    • Header always add Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"
    In the .htaccess of the subdomain where it counted and got it out of the apache directives for the site.
     
    unsichtbare, Aug 9, 2017
    #5

Share This Page