William Jiang

JavaScript,PHP,Node,Perl,LAMP Web Developer – http://williamjxj.com; https://github.com/williamjxj?tab=repositories

Tag Archives: https

3 tips to redirect http to https

(1) to setup, either in webserver’s config files, such as httpd.conf, conf.d/domains_ssl.conf, or in $HOME/.htaccess. The following is set in $HOME/.htaccess which is convenient:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

(2) In PHP scripts, if there are http links to download .js or .css, be sure to replace it from https or locally. Otherwise it won’t work in IE. e.g. from:

<script type="text/javascript" src="http://www.google.com/jsapi"></script>
<script type="text/javascript">
  google.load("jquery", "1.4.2");
<script language="javascript" type="text/javascript" src="http://bp.yahooapis.com/2.4.21/browserplus-min.js"></script>


<script language="javascript" type="text/javascript" src="jquery-1.4.2.min.js"> /script>
<script language="javascript" type="text/javascript" src="browserplus-min.js"> /script>

To do so, try to download the js codes locally, then do the inclusion.

(3) Version compatiable.
The application uses jQuery 1.4.2 to do the developing, then use jQuery 1.5.1 to deploy. However, under the verion of 1.5.1, some .js plugins don’t work.
I had to change back to jQuery 1.4.2.

After the above modification, the app is now available by using https.


Apache: Redirect http to https

I want to make a fake website: http://www.mytest.com/ to be accessed only through HTTPS protocol; or a certain dir with HTTPS access.
That means:

In order to implement this, there are 2 soultions and several pre-conditions are neccessary:


(1) There is a Linux server with root privilege to have the permission to setup environment.
(2) Have a SSL certification installed on the server.
(3) Have Apache server installed.
(4) Make sure the HTTPS (normally its port number is 443, which is defined at /etc/services) is configured.

The following codes are typically in httpd.conf, however, can be extending to other files if the following definition are in httpd.conf:

# Load config files from the config directory "/etc/httpd/conf.d".
Include conf.d/*.conf

Here I use other file inside conf.d/ to configure 443 port:

    ServerName www.mytest.com
    ServerAlias mytest.com
    DocumentRoot /home/mytest/
    SSLEngine on
    SSLCertificateinfo ...

After the above pre-setup done, we can do the implements.

Method 1: Redirect the Whole Website

Edit apache’s httpd.conf to append following line:

Redirect permanent / https://www.mytest.com/

By this way, any request made to http://www.mytest.com will goto https://www.mytest.com/

After the edit, restart Apache server:
# /etc/init.d/httpd restart
# ps -ef | grep httpd
to make sure the web server running normally.
Now it works. This is easiest way to ensure that your normal user never use plain text HTTP protocol to send data.

Method 2: use .htaccess to redirect the whole website, OR some certain dirs

We can redirect the whole website, or just some certain directories by defining .htaccess with mod_rewrite support.

In this way we need apache’s mod_rewrite module. Make sure it is active in httpd.conf:

LoadModule rewrite_module modules/mod_rewrite.so

After the installation, I create a .htaccess in my home directory:
/home/william$ vi ~/.htaccess:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Save the file, and goto web: http://mytest.com/~william. If the settins is correct, it will automatically redirect to https://mytest.com/~william.

A good reference is at: http://www.cyberciti.biz/tips/howto-apache-force-https-secure-connections.html