HowToRedirectHttpToHttps » History » Revision 17
Revision 16 (Anonymous, 2007-11-20 15:10) → Revision 17/33 (stefan741, 2009-10-20 20:48)
h1. How to redirect HTTP requests to HTTPS As of version 1.4.11 this is as simple as: <pre> $SERVER["socket"] == ":80" { $HTTP["host"] =~ "example.org" { url.redirect = ( "^/(.*)" => "https://example.org/$1" ) server.name = "example.org" } } $SERVER["socket"] == ":443" { ssl.engine = "enable" ssl.pemfile = "/path/to/example.org.pem" server.document-root = "..." } </pre> (Note: this also works in versions prior to 1.4.11 providing you have not specified {{{server.port = 80}}} in your configuration file.) To redirect _all_ hosts to their secure equivalents use the following in place of the socket 80 configuration above: <pre> $SERVER["socket"] == ":80" { $HTTP["host"] =~ "(.*)" { url.redirect = ( "^/(.*)" => "https://%1/$1" ) } } </pre> ---- The information was taken from two postings to the mailing list by Jan: WARNING: unknown config-key: url.redirect (ignored) * http://article.gmane.org/gmane.comp.web.lighttpd/3575 * http://article.gmane.org/gmane.comp.web.lighttpd/3580 If you see this error <pre> WARNING: unknown config-key: url.redirect (ignored) </pre> Then you need to add mod_redirect under server.modules in your lighttpd conf file: <pre> server.modules = ( "mod_rewrite", "mod_redirect", "mod_alias", "mod_access", ... ) </pre> ---- '''Comments: It didn't work for me 1.4.13 Starting lighttpd: 2007-02-04 12:48:00: (network.c.300) can't bind to port: 80 Address already in use Both with server.port = 80 and with that commented Does server.bind has influence?(It was set) ''' ---- I had this trouble, darix on #lighttpd solved it for me: This: <pre> $SERVER["socket"] == "1.2.3.5:443" { protocol = "https://" # Provide ssl ssl.engine = "enable" ssl.pemfile = "/path/to/pem" fastcgi.server = ( ".fcgi" => ( "localhost" => ( "min-procs" => 1, "max-procs" => 5, "socket" => "/tmp/example", "bin-path" => "/path/to/dispatch.fcgi", "bin-environment" => ( "RAILS_ENV" => "production" ) ) ) ) } $SERVER["socket"] == "1.2.3.5:80" { $HTTP["host"] =~ "(.*)" { url.redirect = ( "^/(.*)" => "https://%1/$1" ) } } </pre> Is the cause. This is the solution: <pre> $SERVER["socket"] == "1.2.3.5:443" { protocol = "https://" # Provide ssl ssl.engine = "enable" ssl.pemfile = "/path/to/pem" fastcgi.server = ( ".fcgi" => ( "localhost" => ( "min-procs" => 1, "max-procs" => 5, "socket" => "/tmp/example", "bin-path" => "/path/to/dispatch.fcgi", "bin-environment" => ( "RAILS_ENV" => "production" ) ) ) ) } else $HTTP["host"] =~ "(.*)" { url.redirect = ( "^/(.*)" => "https://%1/$1" ) } </pre> (following a socket statement) ---- I'm not satisfied with any of the above so here is my solution. First you need to apply "this":http://kenny.juvepoland.com/~swiergot/lighttpd-scheme.diff to lighty's source. After recompile you can use the following syntax: <pre> $HTTP["host"] == "sth.example.com" { $HTTP["scheme"] == "http" { url.redirect = ("^/(phpmyadmin/.*)" => "https://sth.example.com/$1") } } </pre> Nice, isn't it? /swiergot@gmail.com I haven't applied the patch yet, but you should be able to simply do... <pre> $HTTP["scheme"] == "http" { url.redirect = ("^/(phpmyadmin/.*)" => "https://%1/$1") } </pre> NOTE: the patch is now in svn (Should be released with 1.5.x and 1.4.19). This worked for me on 1.4.13. Just redirects example.com/secure but not plain example.com. <pre> $SERVER["socket"] == ":8080" { $HTTP["url"] =~ "(.*)/secure" { url.redirect = ( "^/(.*)" => "https://www.example.com/secure/" ) } server.document-root = "/var/www" } </pre>