0

I recently added a wildcard SSL certificate to my sites. How can I get it so when a user goes the sites, it forces them to https?

The SSL covers sites in the form of *.staging.domain.com, I need it to make all those sites go to the https version. However, there is also another site on the same server that is *.domain.com which doesn't have SSL and should not redirect to https.

I've looked at using .htaccess files with redirect but not only could I not get it to work, I would like to make it a server wide change and not need a .htaccess file for every site.

I also found another problem where I can only access the https sites inside my office but nowhere else.

Improve this question
1
  • Your "another problem" should be posted as a separate question so an answer to this one which answers the redirect issue can be marked accepted. Commented Sep 29, 2012 at 0:49

1 Answer 1

Reset to default
0

The easiest way of doing this is with .htaccess as you mention. It is possible to put the rewrite rules in the Apache configuration if you prefer. Depending on the layout of your file system and Apache configuration it may also be possible to create a pattern matched <Directory> entry in the configuration that matches all your SSL enabled sites.

A quick search of the net suggests the following should redirect non-SSL requests to https://

RewriteEngine on RewriteCond %{HTTPS} !=on RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

If you are accessing from external through a NAT router and http:// works then I would suggest the problem is most likely that port 443 is not forwarded to your web server.

Improve this answer
4
  • How do I forward port 443? I have a little bit of experience with Red Hat and Apache, but not enough. Commented Sep 28, 2012 at 14:41
  • It sounds like your server is configured correctly. It's the router that connects your network to the Internet that needs configuring to forward port 443. (I'm assuming your server is on a private address on your LAN and you have a NAT router like most offices) Commented Sep 28, 2012 at 15:24
  • Are there any other rewrite conditions so I can keep one of the sites from redirecting? Commented Sep 28, 2012 at 19:16
  • You could probably add a second negative condition as above but using the %{SERVER_NAME} variable to exclude the host name of your non ssl website. I'm not much of a mod_rewrite expert, have a look on the net for example of using multiple conditions. Commented Sep 28, 2012 at 19:31

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.