2023-09-02

Procedure - Apache2 redirect www and http:// to https://

Procedure - Apache2 Redirect www and http:// to https://
Procedure - Forward www traffic to https
Procedure - Forward http traffic to https

Issue:
When browsing to a site using "www" or "http", the site stays on http (port 80), even though the site has an ssl certificate applied and https (port 443) is active.

You want the website traffic to auto-forward, redirect to https: (encrypted).

Assumptions:
* The SSL Certificate is applied and functioning.
* https://<site>.com works properly

This article was written and tested on
Raspberry Pi OS (2023)
Server Build  2023-04-02
Apache2 Version 2.4.56 (Raspbian)

(Confirm Apache version: Use terminal command:  Apache2 -v )
See bottom of this file for other operating systems, other versions.

Solution:
Edit existing file: /etc/apache2/sites-enabled/000-default.conf
using these steps:

a.  Using FileZilla (or other ftp client), drag /etc/apache2/sites-enabled/000-default.conf  to a temp location on your C: drive. 

b.  Use Notepad to edit the file, making these highlighted changes. 
Replace "keyliner.com" with your domain's address.
Add a new <VirtualHost *:443> section.

<VirtualHost *:80>
    # The ServerName directive sets the request scheme, hostname and
    # port that the server uses to identify itself.

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
    ServerName keyliner.com
    ServerAlias www.keyliner.com
    Redirect permanent / https://keyliner.com/


    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

   RewriteEngine on
   RewriteCond %{SERVER_NAME} = keyliner.com
   RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
  ServerName keyliner.com
  ServerAlias www.keyliner.com

  Protocols h2 http/1.1

  <If "%{HTTP_HOST} == 'www.keyliner.com'">
    Redirect permanent / https://keyliner.com/
  </If>

  # SSL Configuration

  # Other Apache Configuration

</VirtualHost>


# vim: syntax=apache ts=4 sw=4 sts=4 sr noet


c.  Use FileZilla and replace the server's version with the new edits.


Other Linux, Other Apache Versions

This was a wild-goose chase to figure this article out.  Hopefully, these hints are helpful for those of you using different software than I.

.htaccess
Old versions of Apache used this file:
/opt/bitnami/APPNAME/.htaccess

# Redirect only a specific domain:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

This is *not* recommended. 
It introduces overhead to all webpage loads and is not frowned on in all cases. However, many current articles still point this direction.


httpd.conf
Apparently some versions of Apache / or other versions of Linux recommend using an httpd.conf file.  Be aware this file does not exist, and is not used by the new Raspberry Pi OS.

Debian (older?), and Ubuntu
File:  /etc/apache2/sites-available/httpd.conf

RedHat, Fedora, and CentOS
File:  /etc/httpd/conf.d

For each, use the same file as the 000-default.conf, shown above, including the
Redirect permanent / https://keyliner.com/
And the <VirtualHost *:443> section

Another article said "Ubunto does not use httpd.conf, instead, use apache2.conf" - keyliner was not able to confirm this.


References:
See this keyliner article for how I build a new webserver from scratch.

The article includes how to install the OS, Install Apache, punch holes through your firewall, how to get and apply an ssl cert, and how to tell your Domain Provider about your new site.  Step-by-step instructions.

https://keyliner.blogspot.com/2023/09/install-raspberry-pi-webserver-step-by.html )


No comments:

Post a Comment

Comments are moderated and published upon review. (As an aside, not a single spam has been allowed through; why bother?)