Project

General

Profile

HowToRedirectHttpToHttps » History » Revision 18

Revision 17 (stefan741, 2009-10-20 20:48) → Revision 18/33 (stefan741, 2009-10-20 20:49)

h1. How to redirect HTTP requests to HTTPS 


 As of version 1.4.11 this is as simple as: 


 <pre> 

 $SERVER["socket"] == ":80" { 
   $HTTP["host"] =~ "example.org" { 
     url.redirect = ( "^/(.*)" => "https://example.org/$1" ) 
     server.name                   = "example.org" 
   } 
 } 

 $SERVER["socket"] == ":443" { 
   ssl.engine = "enable" 
   ssl.pemfile = "/path/to/example.org.pem" 
   server.document-root = "..." 
 } 
 </pre> 


 (Note: this also works in versions prior to 1.4.11 providing you have not specified {{{server.port = 80}}} in your configuration file.) 

 To redirect _all_ hosts to their secure equivalents use the following in place of the socket 80 configuration above: 


 <pre> 

 $SERVER["socket"] == ":80" { 
   $HTTP["host"] =~ "(.*)" { 
     url.redirect = ( "^/(.*)" => "https://%1/$1" ) 
   } 
 } 
 </pre> 


 ---- 
 The information was taken from two postings to the mailing list by Jan: 
 WARNING: unknown config-key: url.redirect (ignored) 

 * http://article.gmane.org/gmane.comp.web.lighttpd/3575 
 * http://article.gmane.org/gmane.comp.web.lighttpd/3580 

 If you see this error 

 <pre> 

 WARNING: unknown config-key: url.redirect (ignored) 
 </pre> 


 Then you need to add mod_redirect under server.modules in your lighttpd conf file: 


 <pre> 

 server.modules                = ( 
                                 "mod_rewrite", 
                                 "mod_redirect", 
                                 "mod_alias", 
                                 "mod_access", 
                                 ... 
 ) 
 </pre> 




 ---- 

 '''Comments: 

 It didn't work for me 1.4.13 

 Starting lighttpd: 2007-02-04 12:48:00: (network.c.300) can't bind to port:    80 Address already in use 

 Both with server.port                  = 80 and with that commented 

 Does server.bind    has influence?(It was set)  
 ''' 

 ---- 

 I had this trouble, darix on #lighttpd solved it for me: 
 This: 

 <pre> 

 $SERVER["socket"] == "1.2.3.5:443" { 
         protocol = "https://" 
 
         # Provide ssl 
         ssl.engine = "enable" 
         ssl.pemfile = "/path/to/pem" 
 
         fastcgi.server = ( ".fcgi" => 
                 ( "localhost" => 
                   ( 
                    "min-procs" => 1, 
                    "max-procs" => 5, 
                    "socket" => "/tmp/example", 
                    "bin-path" => "/path/to/dispatch.fcgi", 
                    "bin-environment" => ( "RAILS_ENV" => "production" ) 
                   ) 
                 ) 
               ) 
 } 

 $SERVER["socket"] == "1.2.3.5:80" { 
   $HTTP["host"] =~ "(.*)" { 
     url.redirect = ( "^/(.*)" => "https://%1/$1" ) 
   } 
 } 
 </pre> 

 Is the cause. This is the solution: 

 <pre> 

 $SERVER["socket"] == "1.2.3.5:443" { 
         protocol = "https://" 
 
         # Provide ssl 
         ssl.engine = "enable" 
         ssl.pemfile = "/path/to/pem" 
 
         fastcgi.server = ( ".fcgi" => 
                 ( "localhost" => 
                   ( 
                    "min-procs" => 1, 
                    "max-procs" => 5, 
                    "socket" => "/tmp/example", 
                    "bin-path" => "/path/to/dispatch.fcgi", 
                    "bin-environment" => ( "RAILS_ENV" => "production" ) 
                   ) 
                 ) 
               ) 
 }  
 else    $HTTP["host"] =~ "(.*)" { 
     url.redirect = ( "^/(.*)" => "https://%1/$1" ) 
 } 
 </pre> 

 (following a socket statement) 

 ---- 

 I'm not satisfied with any of the above so here is my solution. First you need to apply "this":http://kenny.juvepoland.com/~swiergot/lighttpd-scheme.diff to lighty's source. After recompile you can use the following syntax: 


 <pre> 

 $HTTP["host"] == "sth.example.com" { 
     $HTTP["scheme"] == "http" { 
             url.redirect = ("^/(phpmyadmin/.*)" => "https://sth.example.com/$1") 
     } 
 } 
 </pre> 


 Nice, isn't it? /swiergot@gmail.com 

 I haven't applied the patch yet, but you should be able to simply do... 


 <pre> 

 $HTTP["scheme"] == "http" { 
         url.redirect = ("^/(phpmyadmin/.*)" => "https://%1/$1") 
 } 
 </pre> 


 NOTE: the patch is now in svn (Should be released with 1.5.x and 1.4.19). 

 ----- 

 


 This worked for me on 1.4.13. Just redirects example.com/secure but not plain example.com. 
 <pre> 

 $SERVER["socket"] == ":8080" { 
         $HTTP["url"] =~ "(.*)/secure" { url.redirect = ( "^/(.*)" => "https://www.example.com/secure/" ) } 
         server.document-root = "/var/www" 
 } 
 </pre>