Join Log in
Score:0
gakshat avatar Server

Apache Redirect HTTP To HTTPS Not Working

be flag
gakshat

I am trying to force redirecting all HTTP traffic to HTTPS using my httpd.conf file on my Apache server.

Expected behaviour: When users visit http://example.com, they should get redirected to https://example.com/.

Actual behaviour: When users visit http://example.com, they stay at the same link and an error message is shown by the browser (This site can’t be reached, http://example.com/ refused to connect).

This is my httpd.conf code:

Listen 443

<VirtualHost *:80>
    DocumentRoot "/var/www/html"
    ServerName "example.com"
    ServerAlias "www.example.com"
    Redirect permanent / "https://example.com/"

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

</VirtualHost>

I also have a httpd-le-ssl.conf file which defines configs for my HTTPS port. The HTTPS link works perfectly fine, I had installed the certificate using certbot.

<IfModule mod_ssl.c>
<VirtualHost *:443>
    DocumentRoot "/var/www/html"
    ServerName "example.com"
    ServerAlias "www.example.com"
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>

What I Have Tried:

  1. Tried removing "Redirect permanent" and keeping only the RewriteEngine rules in httpd.conf
  2. Tried removing RewriteEngine rules and keeping only "Redirect permanent" rule in httpd.conf
  3. Tried keeping both in .htaccess file in my document root /var/www/html
  4. Tried keeping both in .htaccess file in /var/www/

Links:

  1. Full httpd.conf source code
169
0 + 14
ssl
br flag
garethTheRed
`<IfModule mod_ssl.c>` - is the SSL module loaded?
0
Reply
gakshat avatar
be flag
gakshat
Would be because `https://example.com/` works perfectly fine. Only `http://example.com` has the issue
0
Reply
br flag
garethTheRed
My bad - should read the question properly :-)
0
Reply
dave_thompson_085 avatar
jp flag
dave_thompson_085
You need a `Listen 80` directive (_in addition to_ `Listen 443`)
2
Reply
jm flag
doneal24
The rewrite lines are unnecessary. The `Redirect permanent` is sufficient to redirect all traffic to the https:// site. You don't even need to defined the DocumentRoot.
0
Reply
gakshat avatar
be flag
gakshat
@dave_thompson_085 I had added that before as suggested by another past thread here, but that threw up a different error for me in the browser - `Bad Request Your browser sent a request that this server could not understand. Reason: You're speaking plain HTTP to an SSL-enabled server port. Instead use the HTTPS scheme to access this URL, please.`
0
Reply
gakshat avatar
be flag
gakshat
@doneal24 I had tried this before (having only `Redirect permanent`), but that also didn't change anything.
0
Reply
jm flag
doneal24
You have to put in the “Listen 80,443” and then make sure you’re browsing to the right port. The error message indicates you are using http:// but connecting to port 443.
0
Reply
gakshat avatar
be flag
gakshat
@doneal24 that's what the goal is - if user visits port 80 (http), then they should redirect to 443 (https)! Going to https directly works perfectly as stated in the question. Getting there automatically for users who are visiting the http version is the problem
0
Reply
jm flag
doneal24
The error message you reported has only a few interpretations. You browsed to ‘http://example com:443’ or you enabled SSL on port 80. Port 80 cannot have SSL enabled but you can easily redirect to the SSL port.
0
Reply
jm flag
doneal24
btw, `.htaccess` does not affect the protocol used.
0
Reply
gakshat avatar
be flag
gakshat
@doneal24 - I browsed to port 80 and I don't have SSL enabled on port 80.
0
Reply
jm flag
doneal24
How did you browse to port 80? Did you explicitly use http://, e.g., `http://example.com`? Do you possibly have HSTS enabled?
0
Reply
gakshat avatar
be flag
gakshat
Yes, I explicitly used http:// to browse to port 80. Not sure on HSTS, how can I check if it's enabled?
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.