Forcing SSL only connection

Discussion in 'General' started by Norman, Jul 12, 2007.

  1. Norman

    Norman Member

    Say a site has SSL enabled. It's still possible to connect to non-SSL.

    What's the best way to force incoming connections to apache on port 80 to go to the SSL port? Redirect somehow?
     
  2. Ben

    Ben ISPConfig Developer ISPConfig Developer

    Try it with the following mod_rewrite rule

     
  3. Norman

    Norman Member

    Seems to work. Will this prevent anyone trying to surf unencrypted though?
     
  4. Ben

    Ben ISPConfig Developer ISPConfig Developer

    I woul say yes, cause in my tests in redirected / rewrote every access without http to https
     

Share This Page