Project

General

Profile

Actions

HowToRedirectHttpToHttps » History » Revision 17

« Previous | Revision 17/33 (diff) | Next »
stefan741, 2009-10-20 20:48


How to redirect HTTP requests to HTTPS

As of version 1.4.11 this is as simple as:


$SERVER["socket"] == ":80" {
  $HTTP["host"] =~ "example.org" {
    url.redirect = ( "^/(.*)" => "https://example.org/$1" )
    server.name                 = "example.org" 
  }
}

$SERVER["socket"] == ":443" {
  ssl.engine = "enable" 
  ssl.pemfile = "/path/to/example.org.pem" 
  server.document-root = "..." 
}

(Note: this also works in versions prior to 1.4.11 providing you have not specified {{{server.port = 80}}} in your configuration file.)

To redirect all hosts to their secure equivalents use the following in place of the socket 80 configuration above:


$SERVER["socket"] == ":80" {
  $HTTP["host"] =~ "(.*)" {
    url.redirect = ( "^/(.*)" => "https://%1/$1" )
  }
}

----
The information was taken from two postings to the mailing list by Jan:
WARNING: unknown config-key: url.redirect (ignored)

If you see this error


WARNING: unknown config-key: url.redirect (ignored)

Then you need to add mod_redirect under server.modules in your lighttpd conf file:


server.modules              = (
                                "mod_rewrite",
                                "mod_redirect",
                                "mod_alias",
                                "mod_access",
                                ...
)

'''Comments:

It didn't work for me 1.4.13

Starting lighttpd: 2007-02-04 12:48:00: (network.c.300) can't bind to port: 80 Address already in use

Both with server.port = 80 and with that commented

Does server.bind has influence?(It was set)
'''


I had this trouble, darix on #lighttpd solved it for me:
This:


$SERVER["socket"] == "1.2.3.5:443" {
        protocol = "https://" 

        # Provide ssl
        ssl.engine = "enable" 
        ssl.pemfile = "/path/to/pem" 

        fastcgi.server = ( ".fcgi" =>
                ( "localhost" =>
                  (
                   "min-procs" => 1,
                   "max-procs" => 5,
                   "socket" => "/tmp/example",
                   "bin-path" => "/path/to/dispatch.fcgi",
                   "bin-environment" => ( "RAILS_ENV" => "production" )
                  )
                )
              )
}

$SERVER["socket"] == "1.2.3.5:80" {
  $HTTP["host"] =~ "(.*)" {
    url.redirect = ( "^/(.*)" => "https://%1/$1" )
  }
}

Is the cause. This is the solution:


$SERVER["socket"] == "1.2.3.5:443" {
        protocol = "https://" 

        # Provide ssl
        ssl.engine = "enable" 
        ssl.pemfile = "/path/to/pem" 

        fastcgi.server = ( ".fcgi" =>
                ( "localhost" =>
                  (
                   "min-procs" => 1,
                   "max-procs" => 5,
                   "socket" => "/tmp/example",
                   "bin-path" => "/path/to/dispatch.fcgi",
                   "bin-environment" => ( "RAILS_ENV" => "production" )
                  )
                )
              )
} 
else  $HTTP["host"] =~ "(.*)" {
    url.redirect = ( "^/(.*)" => "https://%1/$1" )
}

(following a socket statement)


I'm not satisfied with any of the above so here is my solution. First you need to apply this to lighty's source. After recompile you can use the following syntax:


$HTTP["host"] == "sth.example.com" {
    $HTTP["scheme"] == "http" {
            url.redirect = ("^/(phpmyadmin/.*)" => "https://sth.example.com/$1")
    }
}

Nice, isn't it?

I haven't applied the patch yet, but you should be able to simply do...


$HTTP["scheme"] == "http" {
        url.redirect = ("^/(phpmyadmin/.*)" => "https://%1/$1")
}

NOTE: the patch is now in svn (Should be released with 1.5.x and 1.4.19).

This worked for me on 1.4.13. Just redirects example.com/secure but not plain example.com.


$SERVER["socket"] == ":8080" {
        $HTTP["url"] =~ "(.*)/secure" { url.redirect = ( "^/(.*)" => "https://www.example.com/secure/" ) }
        server.document-root = "/var/www" 
}

Updated by stefan741 over 14 years ago · 17 revisions