I'm addled (car broke down) so be kind, but can you have a separate docroot for http with a 0 second redirect page or one in the conf file that sends to the docroot for https? I think I've done that on some sites, but I'm not all here so bear with me. Supposed to go on vacation, now have no car...
Gavin Durman --- Xavier University Systems Administrator ======================================================= [EMAIL PROTECTED] (513)745-1905 http://staff.xu.edu/~durman The philosophy of one century is the common sense of the next. -- Henry Ward Beecher >>> [EMAIL PROTECTED] 07/08/03 01:19PM >>> At 7/8/2003 07:18 -0400, you wrote: >>I have a website which must be served _only_ over HTTPS. However, I serve >>pretty stupid users, so disabling port 80 is not ideal due to the 10 >>calls a day of "the site is down!". Rather, I want to redirect any and >>all requests, for any URL on this site, to the very same URL but using >>HTTPS. Below are the relevant parts of my httpd.conf: >><Directory "/var/www/apollo.paiz.org"> >> Options FollowSymLinks >> AllowOverride All >> RewriteEngine on >> RewriteCond %{SERVER_PORT} !^443$ >> RewriteRule ^/(.*) https://apollo.paiz.org/$1 [R,L,NC] >> Order allow,deny >> Allow from all >></Directory> > >Will a simple redirect work? > >Redirect permanent / https://apollo.paiz/org Thanks for the response, Bill. Unfortunately a simple redirect will not work, since the point is to force all requests to be over HTTPS. As it stands, the first time someone comes to the site they will get redirected to HTTPS, but if they ask for any other page directly they will happily continue using unsecured HTTP. My hope is to take _any_ requested URL and rewrite "http://"; to "https://"; while keeping the rest of the URL intact. That way I can be sure that any page, no matter what, will always get sent out encrypted, and non-technical users are not "locked out" while they remember to add that "s", which just might be never. I can't believe this is so hard, or that no one has ever done it. However, for the life of me I can't figure out what I did wrong; and three hours of Google gave no joy either. -- Rodolfo J. Paiz [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
