Sorry to butt in here. I've been following this post with some interest.
I wanted to accomplish the same thing the original OP wanted to
accomplish, redirect all traffic to the secure version of my site. I went
to the internet and found directions on how to do this using mod_rewrite
rules. Now that I know I should be using redirect instead, I had some
questions. Should I start my own topic or just ask in this one? What's
generally considered best practice in a situation like this, where my
question revolves around the original ops question?
Thanks!
On Sat, Feb 18, 2017 at 3:02 PM, Dr James Smith <j...@sanger.ac.uk> wrote:
> As I only run HTTPS - I have the following on port 80 - (this can't be
> done with redirect)
>
> <VirtualHost *:80>
> ...
> ...
> ...
>
> RewriteEngine on
> RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge
> RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI}
> [R=permanent,L,NE]
> </VirtualHost>
>
> So I only have one port 80 configuration - even tho' I'm running something
> like 30 sub-domains on one machine and 70 sub-domains on the other...
> {There is some other stuff associated with this - and I've got HTST
> headers set - and preloaded where I can - so most browsers won't hit the
> port 80 anyway!}
>
>
>
> On 18/02/2017 19:00, Daniel wrote:
>
> Yes please, let's stay away of convoluted and most times innecessary
> mod_rewrite examples to do simpleton configurations.
>
> If you are in virtualhost 80, you have specified servername correctly and
> you just want to redirect to ssl, why not a single Redirect statement?
>
> As Yann's refered document says:
> Redirect / https://something.example.com/
>
> Most people here knows this but there are gazillions web pages refering to
> bad advice, duck and tape solutions and convolued ways of using mod_rewrite
> for a simple redirection when placed in proper context, we need to finish
> with that trend, and the best way is to give simple, straight to the point
> examples "first".
>
> The mod_rewrite example given,lets slice it out:
> > RewriteCond %{HTTP_HOST} =www.example.com
> > RewriteCond %{SERVER_PORT} =80
> > RewriteRule ^(.*)$ https://www.example.com/$1 [R]
>
> This clearly assumes it is a generic recipe in a .htaccess somewhere which
> can be read from a non-SSL virtualhost or non-SSL virtualhost (just to be
> ignored).
>
> 1º It checks the host name, but why? if you have defined a VirtualHost
> with that servername and there are no conflicts the request is already
> landing there.
> 2º It checks for port 80. But we are redirecting to SSL, so we are already
> on port 80, why check it?
> 3º Can be replaced with a Redirect as mentioned above.
>
> So instead of giving out recipes for .htaccess thought out for an aging
> era or shared virtualhosting, lets recommend the ideal virtualhost context
> recipe first as Yann proposed earlier:
>
> Define the virtualhost with the names you serve.
> <VirtualHost *:80>
> ServerName something.example.com
> Redirect / https://something.example.com/
> </VirtualHost>
>
> There is no guessing here, no unnecessary directives and it's hard to miss
> or confuse with other directives and the context where it resides is
> crystal clear.
>
> Later on, when things need to be complicated, then I guess we can use "If"
> or "mod_rewrite", and recommend it as needed.
>
>
> 2017-02-18 19:38 GMT+01:00 Richard <lists-apa...@listmail.innovate.net>:
>
>>
>>
>> > Date: Saturday, February 18, 2017 11:04:34 -0700
>> > From: James Moe <ji...@sohnen-moe.com>
>> >
>> > On 02/18/2017 05:08 AM, Rodrigo Cunha wrote:
>> >> i want redirect all request from port 80 to 443.
>> >> what is better setting for fix this?
>> >>
>> > Better than what?
>> > Fix? Is it broken?
>> >
>> > RewriteCond %{HTTP_HOST} =www.example.com
>> > RewriteCond %{SERVER_PORT} =80
>> > RewriteRule ^(.*)$ https://www.example.com/$1 [R]
>>
>> Perhaps, better than using a "rewrite"? See the documentation
>> reference, given in an earlier post:
>>
>> <https://httpd.apache.org/docs/2.4/rewrite/avoid.html#redirect>
>>
>> that has this as a specific example of when/why to use a "redirect"
>> rather than a "rewrite".
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>> For additional commands, e-mail: users-h...@httpd.apache.org
>>
>>
>
>
> --
> *Daniel Ferradal*
> IT Specialist
>
> email dferradal at gmail.com
> linkedin es.linkedin.com/in/danielferradal
>
>
>
> -- The Wellcome Trust Sanger Institute is operated by Genome Research
> Limited, a charity registered in England with number 1021457 and a company
> registered in England with number 2742969, whose registered office is 215
> Euston Road, London, NW1 2BE.
>
