Pure https site

[erk]

Hi!

I'm having a bit of trouble finding a way to make a vhost a https-only site.
When I activate SSL for a site I get a <IfModule mod_ssl.c><VirtualHost XX.XX.XX.XX:443> added to my vhosts_ispconfig.conf but the namebased virtualhost on port 80 is still there.
This site should not be accessed at all without https. Is there any way to go around it (short of manually hacking the ispconfig database which I suppose would work)?

Regards,

Erk

[till]

There are no https only sites in ISPConfig.

But maybe you can add an apache rewrite rule in the httpd directives field or in an .htaccess file that rewrites every request that arrives for http:// to https://

[erk]

Ok.

Anyway, I thought I would post my solution to the problem here.

First I added

Quote:

Options +SymLinksIfOwnerMatch

to the virtual host. This is needed for the mod_rewrite to work.
(Adding this is optional when creating a site in Ispconfig but there doesn't seem to be a way of changing it later. Fortunately I'm not afraid to type some SQL by hand )
Then in the document root I added a .htaccess file with a rewrite rule to redirect any non-SSL request to the root of the https site.
The .htaccess file looks like this:

Quote:

RewriteEngine On

RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME} [R=301,L]

This will redirect http://myserver.com/something/ to https://myserver.com.
I do this because my target directories ( /something/ in this example) requires authenticatiion and this seems to mess things up a bit so rewriting to the root is the clean way of doing it.
If you to redirect to https://myserver.com/something/ then use the following:

Quote:

RewriteEngine On

RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

I hope this might be of some use to someone in the future.

//Erk