Apache :: HTTPS Redirect Does Not Work After Updating To TLS
Jun 11, 2015
In my apache conf file I redirect http to https requests like this:
Code:
# Redirect all requests to https
<VirtualHost *:80>
ServerName www.mypage.de
Redirect permanent / https://www.mypage.de/
</VirtualHost>
This worked just fine until yesterday, when I have updated to Apache 2.4 and disabled SSL 3 by doing this:
Code:
# Disable SSL 3 due to the POODLE vulnerability
SSLProtocol all -SSLv2 -SSLv3
Now, if I call any http URL, the server does not respond. If I explicitly call a https URL it works.
View 3 Replies
ADVERTISEMENT
Jul 6, 2014
I have set up an Apache web server that has ssl enabled. If I go to https://myserver.com I get the 'it works!' page and the certificate is valid and trusted. If I go to https://myserver.com/myapp that also works (it's an Oracle weblogic deployed java app that I'm fronting with Apache).
I would like to configure Apache so that when a user goes to simply https://myserver.com it automatically directs them to https://myserver.com/myapp rather than showing the 'It works!' page. I have read some documentation and experimented with setting a redirect via the https.conf file and even the ssl.conf file but nothing seems to work. I either get a 404 or simply the 'It works! page.
View 1 Replies
View Related
Nov 1, 2014
I've just joined the group and new to Apache/php. I have just assembled a website in Joomla/vertumart and called petslovezone.com.au. I want to redirect all the request such as
1. http://xyz.com to https://xyz.com
2. http://www.xyz.com to https://xyz.com
3. xyz.com. to https://xyz.com
4. www.xyz.com to https://xyz.com
now know I have to change .htaccess "RewriteEngine On" section. What would be the best code to do all the above.
Apache Version2.4.10
PHP Version5.4.32
View 2 Replies
View Related
Aug 17, 2013
I am trying to find out if redirecting an https URL to an http URL will still provide the security of the original https? Should the page information for the redirected http page show it as being unencrypted or shouldn't it have the same encryption as the original https?
View 3 Replies
View Related
Dec 18, 2013
i want to redirect main domain http //, www request to https://
i added this code
RewriteCond %{HTTPS} off# First rewrite to HTTPS:# Don't put www. here. If it is already there it will be included, if not# the subsequent rule will catch it.RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]# Now, rewrite any request to the wrong domain to use www.RewriteCond %{HTTP_HOST} !^www.RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
View 2 Replies
View Related
Mar 13, 2015
Apache2.4.6
apr-1.4.8
openssl-1.0.1c
arm-linux-gcc4.4.4
Recently I cross compiled Apache2.4.6 to run in my ARM cpu, and I found that http can work well if only it's own port such as 80 is listened, but if add one more port to be listened in conf file, http fails. That means http is good, but after https is on, http stop working and https is good. At the same time, I built the same apache2.4.6 in X86 gcc4.6.1, http and https can both work well. In addition, I also tried apache1.3.33 in the same ARM system, http and https can work well too. It seems like that in apache2.4.6, http can't work well if there is one more port listened in ARM system. Actually http port is listening and is established when using netstat to monitor it.
root@freescale /usr/local/apache/bin$ netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 :::www :::* LISTEN
tcp 0 0 :::443 :::* LISTEN
tcp 0 0 (null):www (null):3705 ESTABLISHED
tcp 0 0 (null):443 (null):3720 ESTABLISHED
View 1 Replies
View Related
Oct 7, 2014
I´ve read that a whole https website might be better for SEO than just a mixed version. So I want to change the whole website to https.
We are using Plesk 12 on Win 2008 R2.
One Website is using DotNetNuke 7.3.2.
How can I automatically set the whole website to https?
What happens to the users that just type domainname.com without http or https.?
What is the right search engine friendly technique to permanently redirect to the https version even when the user is not using the application protocol prefix http/https?
Where can I do the setup in Plesk 12 fro Windows?
Are their any other drawbacks that I have to think over before I do the changes?
View 5 Replies
View Related
Sep 18, 2014
One site just linked to my website with incorrect URL as URL.. want to correct this by redirecting the URL to URL.... Therefore, I add the following line in my .htaccess, as follows: Redirect 301 /aor/%e2%80%9d URL...
However, this does not work. When I input URL... in Firefox or IE, the browser still said the page not found(404) error.
View 1 Replies
View Related
Oct 19, 2007
I just installed a RapidSSL cert on www.mysite.com
Works fine if a user types [url]
But what I'd like is if a user types [url] it shows up as secure. I tried a redired 301 in my .htaccess file but that doesn't seem to work.
View 5 Replies
View Related
Jun 16, 2009
if there is anyway to redirect my users to https no matter what page they are on using htaccess?
I really don't fancey using full url extentions and changing them on every link on my site. I can get the homepage to redirect to https but not any other.
If there is no way to do this does anyone know the shortest hyperlink to use the redirect?
View 7 Replies
View Related
Apr 28, 2008
I have to redirect all the links from http to https.
IS there some setting on IIS.
SSL is installed on server.
View 2 Replies
View Related
Jul 17, 2007
I'm not to good with htaccess.
I am able to find information on the 2 items I am looking for separately but not together.
I need all pages on a site to redirect to the www ssl version of the page.
so..
[url] > [url]
[url]> [url]
[url]> [url]
View 3 Replies
View Related
Jun 16, 2009
I have done this with .htaccess on apche but I am looking to do HTTP to HTTPS redirect for all requests on Zeus server using rewite.script
what I want basically is that all request to [url]goes to [url]
View 0 Replies
View Related
Mar 25, 2015
I have bought ssl certificate but if I open my site I think it is redirect to http because I dont see https. I use nginx like web server.
View 13 Replies
View Related
Apr 28, 2014
We have a new PPA installation to replace Hsphere.
One of the issues we have is most old Hsphere customers want to just go to http://cp.myppaserver.com and have it automatically redirect to https://cp.myppaserver.com:8443 as it did with Hsphere.
Ho can I achieve this with my Plesk Automation install?
View 1 Replies
View Related
Jul 18, 2014
how can I make a redirect traffic to the site that I have over HTTPS in HTTP? Disabling SSL 404 using Plesk 11 with nginx + php-pfm
View 2 Replies
View Related
Nov 28, 2014
the hostname is www.domain.com also in the serversettings of plesk. When we go to http://www.domain.com:8443 we become redirected to https://www:8443. The only way to connect to plesk is to use https the redirect from http doesnt work.
View 1 Replies
View Related
May 15, 2014
After installing a RapidSSL certificate in a subdomain, https redirects automatically to http,
Plesk 11.5 with debian and last version openssl
Why https redirect to http when I setup the certificate?
View 1 Replies
View Related
Jun 25, 2014
Last week I have updated the apache from 2.4.6 to 2.4.9 version in Win 2008, 64-bit server. There was no openSSL and update was successful. Later I did the update in QA with openSSL and again the updte was successfully completed. Apache services was running fine and everything looked nice.
When I did the same update in the prd where openSSL is also there, it failed to start the service.
steps to update the apache from 2.4.6 to 2.4.9
----------------------------------------------
1> stop the apache services
2> Take the backup by copying original Apache installation directory and rename it . (eg I:Program Files (x86)Apache Software FoundationApache2.2 to Apache2.2_old)
3> Unzip the latest binaries to the temp directory
4> Copy the following files apachebin , apachemodules to the Apache Inst Directory ( I:Program Files (x86)Apache Software FoundationApache2.2)
5> start the apache service
----------------------------------------------------
QA and PRD both has enabled openSSL but it was prd where we got the issue , and the apache services couldnt be started. We have had to revert the change. Find the error log in the apache directory
--------------------------
[Tue Jun 24 21:12:12.665632 2014] [ssl:emerg] [pid 3336:tid 320] AH02561: Failed to configure certificate
RGWEB58V.brotherdc.eu:443:0, check G:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/server.crt
[Tue Jun 24 21:12:12.665632 2014] [ssl:emerg] [pid 3336:tid 320] SSL Library Error: error:0906D06C:PEM
routines:PEM_read_bio:no start line (Expecting: CERTIFICATE) -- Bad file contents or format - or even just a
forgotten SSLCertificateKeyFile? [Tue Jun 24 21:12:12.665632 2014] [ssl:emerg] [pid 3336:tid 320] SSL Library Error: error:140AD009:SSL
routines:SSL_CTX_use_certificate_file:PEM lib
---------------------------------------
I read somewhere that there is bug in 2.4.9 as this version breaks the openSSL.
Also read on this forum that someone resolved the issu by changing the server certificate from DER to PEM.
View 7 Replies
View Related
Aug 5, 2008
i would like to update my CentOS Linux 5 but i don't want to update mysql and apache i need to use mysql 4. When i entered yum update i can see Total download size: 245 M i can see mysql i386 5.0.45-7.el5 base 4.1 M
how can update my server without updating mysql and apache
View 5 Replies
View Related
May 4, 2015
I keep hearing that redirecting from http to https is not very secure [non-SSL to SSL]. Among other reasons, one reason is that the browser may continue to think it is communicating with non secure server and may not encrypt the data. Is it true? I hope not, I am using the following -
<VirtualHost 12.34.567.89:80>
ServerName www.mysite1234.com:80
Redirect / https://www.mysite1234.com/
</VirtualHost>
View 1 Replies
View Related
Jan 17, 2014
I have a problem with slow Apache 2.4.4. It's only related with https which is in general 5 time slower than the same site via http. I see this difference on the monitoring software which is measuring response time to http and https every 5 seconds. In some cases i got even timeouts in the browser on https while in the same time site is opening over http - slowly but opens always.
Apache runs on Win2k8 Enterprise, Version 2.4.4 x64 - VC10. Server is connected with quite poor internet connection as it's located in Africa. Despite of connection quality http is working properly all the time.
View 19 Replies
View Related
Apr 11, 2014
i have setup everything before using ssl without issue for using https url.Now I'm having issues for Apache 2.4.9.
In url https://tomysite.com i get
Not Found
View 7 Replies
View Related
Mar 3, 2015
I'm using a turnkey image for smallmachineforum system, installed on amazon aws instance.
In the default configuration I can't use the http version of the site, only the https.
It does not seem to be a network issue, a telnet on port 80 opens.
The server is apache version 2.2.22, on a Debian 3.2.57-3+deb7u2 x86_64
View 2 Replies
View Related
Jan 21, 2015
Say I have two domains: example.com and example.net.
Upon a http request to example.com, I wish to redirect to https://example.com.
Upon either a http or https request to example.net, I wish to redirect to https://example.com.
Note that for both cases, subdomains should also be redirected, and the change should be considered permanent.
I've seem multiple ways to do so. What is the best way? How do I deal with subdomains when there is a new domain such as example.net to example.com?
I've taken a stab. How to fill in the gaps?
View 1 Replies
View Related
