Project

General

Profile

Actions

HowToRedirectHttpToHttps » History » Revision 15

« Previous | Revision 15/33 (diff) | Next »
Anonymous, 2007-11-20 15:10


= How to redirect HTTP requests to HTTPS =

As of version 1.4.11 this is as simple as:

{{{
$SERVER["socket"] == ":80" {
$HTTP["host"] =~ "example.org" {
url.redirect = ( "^/(.*)" => "https://example.org/$1" )
server.name = "example.org"
}
}

$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/path/to/example.org.pem"
server.document-root = "..."
}
}}}

(Note: this also works in versions prior to 1.4.11 providing you have not specified {{{server.port = 80}}} in your configuration file.)

To redirect ''all'' hosts to their secure equivalents use the following in place of the socket 80 configuration above:

{{{
$SERVER["socket"] == ":80" {
$HTTP["host"] =~ "(.*)" {
url.redirect = ( "^/(.*)" => "https://%1/$1" )
}
}
}}}

----
The information was taken from two postings to the mailing list by Jan:
WARNING: unknown config-key: url.redirect (ignored)

If you see this error {{{
WARNING: unknown config-key: url.redirect (ignored)
}}}

Then you need to add mod_redirect under server.modules in your lighttpd conf file:

{{{
server.modules = (
"mod_rewrite",
"mod_redirect",
"mod_alias",
"mod_access",
...
)
}}}


'''Comments:BR
It didn't work for me 1.4.13BR
Starting lighttpd: 2007-02-04 12:48:00: (network.c.300) can't bind to port: 80 Address already in useBR
Both with server.port = 80 and with that commentedBR
Does server.bind has influence?(It was set) BR'''


I had this trouble, darix on #lighttpd solved it for me:
This: {{{
$SERVER["socket"] == "1.2.3.5:443" {
protocol = "https://"

  1. Provide ssl
    ssl.engine = "enable"
    ssl.pemfile = "/path/to/pem"
fastcgi.server = ( ".fcgi" =>
( "localhost" =>
(
"min-procs" => 1,
"max-procs" => 5,
"socket" => "/tmp/example",
"bin-path" => "/path/to/dispatch.fcgi",
"bin-environment" => ( "RAILS_ENV" => "production" )
)
)
)
}

$SERVER["socket"] == "1.2.3.5:80" {
$HTTP["host"] =~ "(.*)" {
url.redirect = ( "^/(.*)" => "https://%1/$1" )
}
}
}}}
Is the cause. This is the solution: {{{
$SERVER["socket"] == "1.2.3.5:443" {
protocol = "https://"

  1. Provide ssl
    ssl.engine = "enable"
    ssl.pemfile = "/path/to/pem"
fastcgi.server = ( ".fcgi" =>
( "localhost" =>
(
"min-procs" => 1,
"max-procs" => 5,
"socket" => "/tmp/example",
"bin-path" => "/path/to/dispatch.fcgi",
"bin-environment" => ( "RAILS_ENV" => "production" )
)
)
)
}
else $HTTP["host"] =~ "(.*)" {
url.redirect = ( "^/(.*)" => "https://%1/$1" )
}
}}}
(following a socket statement)

I'm not satisfied with any of the above so here is my solution. First you need to apply [http://kenny.juvepoland.com/~swiergot/lighttpd-scheme.diff this] to lighty's source. After recompile you can use the following syntax:

{{{
$HTTP["host"] "sth.example.com" {
$HTTP["scheme"] "http" {
url.redirect = ("^/(phpmyadmin/.*)" => "https://sth.example.com/$1")
}
}
}}}

Nice, isn't it?

I haven't applied the patch yet, but you should be able to simply do...

{{{
$HTTP["scheme"] == "http" {
url.redirect = ("^/(phpmyadmin/.*)" => "https://%1/$1")
}
}}}

NOTE: the patch is now in svn (Should be released with 1.5.x and 1.4.19).

Updated by Anonymous about 17 years ago · 15 revisions