Apache Friends Support Forum


https://community.apachefriends.org/f/

How to redirect all http traffic into https

https://community.apachefriends.org/f/viewtopic.php?f=16&t=25721

Page 1 of 1

How to redirect all http traffic into https

PostPosted: 27. July 2007 09:29
by salento9
Hello everybody,

Please can somebody help me find out how to redirect all http traffic into https with xampp?

thanks in advance.

Salento9.

PostPosted: 27. July 2007 19:53
by ldivinag
in apache, well, i'm not much of a MOD_REWRITE guy...

in PHP, it's rather simple (at least for me... lol).

http://us3.php.net/manual/en/reserved.v ... les.server

danvasile at pentest dot ro
21-Mar-2007 02:22
If you have problems with $_SERVER['HTTPS'], especially if it returns no values at all you should check the results of phpinfo(). It might not be listed at all.
Here is a solution to check and change, if necessary, to ssl/https that will work in all cases:

Code: Select all
<?php
if ($_SERVER['SERVER_PORT']!=443) {
$sslport=443; //whatever your ssl port is
$url = "https://". $_SERVER['SERVER_NAME'] . ":" . $sslport . $_SERVER['REQUEST_URI'];
header("Location: $url");
}
?>


Of course, this should be done before any html tag or php echo/print.


now remember, for me, all i ever wanna SSL/HTTPS are pages that must be encrypted.

take gmail as an example, only time they HTTPS is when you are at the login screen. all other screens are just regular HTTP'ed.

all of the HTTPS'ing places additional load on the server due to the encryption and decryption process...

thanks

PostPosted: 31. July 2007 08:28
by salento9
thanks for your answer ldivinag but it's not really what i need, yes in apache with mod rewrite all http can be redirect into https
i found this in UBUNTU forum
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Link = https://help.ubuntu.com/community/OpenSSL

but seems not working with XAMMP.

Please Help.

Thanks.

PostPosted: 31. July 2007 08:54
by salento9
Finally i've found the solution and can be very usefull because all traffic became hhtps completely transparent for the client.

edit http.conf and change the following setting

1) enable mod_rewrite
LoadModule rewrite_module modules/mod_rewrite.so

2) at the end of the same file add the following lines

<ifModule rewrite_module>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</ifModule>

3) restart apache2 and it's all

BYE.

www.indino.net http://pinoclaudia.altervista.org
All times are UTC + 1 hour
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/