HowToRedirectHttpToHttps » History » Revision 12
Revision 11 (Anonymous, 2007-07-04 19:30) → Revision 12/33 (glen, 2007-11-05 09:15)
= How to redirect HTTP requests to HTTPS =
As of version 1.4.11 this is as simple as:
{{{
$SERVER["socket"] == ":80" {
$HTTP["host"] =~ "example.org" {
url.redirect = ( "^/(.*)" => "https://example.org/$1" )
server.name = "example.org"
}
}
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/path/to/example.org.pem"
server.document-root = "..."
}
}}}
(Note: this also works in versions prior to 1.4.11 providing you have not specified {{{server.port = 80}}} in your configuration file.)
To redirect ''all'' hosts to their secure equivalents use the following in place of the socket 80 configuration above:
{{{
$SERVER["socket"] == ":80" {
$HTTP["host"] =~ "(.*)" {
url.redirect = ( "^/(.*)" => "https://%1/$1" )
}
}
}}}
----
The information was taken from two postings to the mailing list by Jan:
WARNING: unknown config-key: url.redirect (ignored)
* http://article.gmane.org/gmane.comp.web.lighttpd/3575
* http://article.gmane.org/gmane.comp.web.lighttpd/3580
If you see this error
{{{
WARNING: unknown config-key: url.redirect (ignored)
}}}
Then you need to add mod_redirect under server.modules in your lighttpd conf file:
{{{
server.modules = (
"mod_rewrite",
"mod_redirect",
"mod_alias",
"mod_access",
...
)
}}}
----
'''Comments:[[BR]]
It didn't work for me 1.4.13[[BR]]
Starting lighttpd: 2007-02-04 12:48:00: (network.c.300) can't bind to port: 80 Address already in use[[BR]]
Both with server.port = 80 and with that commented[[BR]]
Does server.bind has influence?(It was set) [[BR]]'''
----
I had this trouble, darix on #lighttpd solved it for me:
This:
{{{
$SERVER["socket"] == "1.2.3.5:443" {
protocol = "https://"
# Provide ssl
ssl.engine = "enable"
ssl.pemfile = "/path/to/pem"
fastcgi.server = ( ".fcgi" =>
( "localhost" =>
(
"min-procs" => 1,
"max-procs" => 5,
"socket" => "/tmp/example",
"bin-path" => "/path/to/dispatch.fcgi",
"bin-environment" => ( "RAILS_ENV" => "production" )
)
)
)
}
$SERVER["socket"] == "1.2.3.5:80" {
$HTTP["host"] =~ "(.*)" {
url.redirect = ( "^/(.*)" => "https://%1/$1" )
}
}
}}}
Is the cause. This is the solution:
{{{
$SERVER["socket"] == "1.2.3.5:443" {
protocol = "https://"
# Provide ssl
ssl.engine = "enable"
ssl.pemfile = "/path/to/pem"
fastcgi.server = ( ".fcgi" =>
( "localhost" =>
(
"min-procs" => 1,
"max-procs" => 5,
"socket" => "/tmp/example",
"bin-path" => "/path/to/dispatch.fcgi",
"bin-environment" => ( "RAILS_ENV" => "production" )
)
)
)
}
else $HTTP["host"] =~ "(.*)" {
url.redirect = ( "^/(.*)" => "https://%1/$1" )
}
}}}
(following a socket statement)
----
I'm not satisfied with any of the above so here is my solution. First you need to apply [http://kenny.juvepoland.com/~swiergot/lighttpd-scheme.diff this] to lighty's source. After recompile you can use the following syntax:
{{{
$HTTP["host"] == "sth.example.com" {
$HTTP["scheme"] == "http" {
url.redirect = ("^/(phpmyadmin/.*)" => "https://sth.example.com/$1")
}
}
}}}
Nice, isn't it? /swiergot@gmail.com
NOTE: the patch is no in svn.