Project

General

Profile

HowToRedirectHttpToHttps » History » Revision 20

Revision 19 (stefan741, 2012-08-11 10:42) → Revision 20/33 (stbuehler, 2012-09-18 00:08)

h1. How to redirect HTTP requests to HTTPS 

 Since 1.4.19 the following should work. For older versions check the history 


 As of version 1.4.11 this page... or just update, srsly. is as simple as: 


 <pre> 

 h1. Example 1 - redirect everything $SERVER["socket"] == ":80" { 
   $HTTP["host"] =~ "example.org" { 
     url.redirect = ( "^/(.*)" => "https://example.org/$1" ) 
     server.name                   = "example.org" 
   } 
 } 

 <pre> 
 $HTTP["scheme"] $SERVER["socket"] == "http" ":443" { 
     # capture vhost name with regex conditiona -> %1 
   ssl.engine = "enable" 
   ssl.pemfile = "/path/to/example.org.pem" 
   server.document-root = "..." 
 } 
 </pre> 


 (Note: this also works in versions prior to 1.4.11 providing you have not specified {{{server.port = 80}}} in your configuration file.) 

 To redirect pattern 
     # must be the most inner block _all_ hosts to their secure equivalents use the redirect rule 
     following in place of the socket 80 configuration above: 


 <pre> 

 $SERVER["socket"] == ":80" { 
   $HTTP["host"] =~ ".*" "(.*)" { 
         
     url.redirect = (".*" ( "^/(.*)" => "https://%1$0") 
     "https://%1/$1" ) 
   } 
 } 
 </pre> 


 h2. Example 2 - specific url ---- 
 The information was taken from two postings to the mailing list by Jan: 
 WARNING: unknown config-key: url.redirect (ignored) 

 * http://article.gmane.org/gmane.comp.web.lighttpd/3575 
 * http://article.gmane.org/gmane.comp.web.lighttpd/3580 

 If you see this error 

 <pre> 

 WARNING: unknown config-key: url.redirect (ignored) 
 $HTTP["scheme"] </pre> 


 Then you need to add mod_redirect under server.modules in your lighttpd conf file: 


 <pre> 

 server.modules                = ( 
                                 "mod_rewrite", 
                                 "mod_redirect", 
                                 "mod_alias", 
                                 "mod_access", 
                                 ... 
 ) 
 </pre> 




 ---- 

 '''Comments: 

 It didn't work for me 1.4.13 

 Starting lighttpd: 2007-02-04 12:48:00: (network.c.300) can't bind to port:    80 Address already in use 

 Both with server.port                  = 80 and with that commented 

 Does server.bind    has influence?(It was set)  
 ''' 

 ---- 

 I had this trouble, darix on #lighttpd solved it for me: 
 This: 

 <pre> 

 $SERVER["socket"] == "http" "1.2.3.5:443" { 
     
         protocol = "https://" 
 
         # Provide ssl 
         ssl.engine = "enable" 
         ssl.pemfile = "/path/to/pem" 
 
         fastcgi.server = ( ".fcgi" => 
                 ( "localhost" => 
                   ( 
                    "min-procs" => 1, 
                    "max-procs" => 5, 
                    "socket" => "/tmp/example", 
                    "bin-path" => "/path/to/dispatch.fcgi", 
                    "bin-environment" => ( "RAILS_ENV" => "production" ) 
                   ) 
                 ) 
               ) 
 } 

 $SERVER["socket"] == "1.2.3.5:80" { 
   $HTTP["host"] =~ ".*" "(.*)" { 
         
     url.redirect = ("^/phpmyadmin/.*" ( "^/(.*)" => "https://%1$0") 
     "https://%1/$1" ) 
   } 
 } 
 </pre> 

 h2. Example 3 - only for specific vhost and url Is the cause. This is the solution: 

 <pre> 
 $HTTP["scheme"] 

 $SERVER["socket"] == "http" "1.2.3.5:443" { 
         protocol = "https://" 
 
         # Provide ssl 
         ssl.engine = "enable" 
         ssl.pemfile = "/path/to/pem" 
 
         fastcgi.server = ( ".fcgi" => 
                 ( "localhost" => 
                   ( 
                    "min-procs" => 1, 
                    "max-procs" => 5, 
                    "socket" => "/tmp/example", 
                    "bin-path" => "/path/to/dispatch.fcgi", 
                    "bin-environment" => ( "RAILS_ENV" => "production" ) 
                   ) 
                 ) 
               ) 
 }  
 else    $HTTP["host"] =~ "(.*)" { 
     url.redirect = ( "^/(.*)" => "https://%1/$1" ) 
 } 
 </pre> 

 (following a socket statement) 

 ---- 

 I'm not satisfied with any of the above so here is my solution. First you need to apply "this":http://kenny.juvepoland.com/~swiergot/lighttpd-scheme.diff to lighty's source. After recompile you can use the following syntax: 


 <pre> 

 $HTTP["host"] == "sth.example.com" { 
     $HTTP["scheme"] == "http" { 
             url.redirect = ("^/phpmyadmin/.*" ("^/(phpmyadmin/.*)" => "https://sth.example.com$0") "https://sth.example.com/$1") 
     } 
 } 
 </pre> 


 Nice, isn't it? /swiergot@gmail.com 

 h2. Further stuff I haven't applied the patch yet, but you should be able to simply do... 


 <pre> 

 Also works $HTTP["scheme"] == "http" { 
         url.redirect = ("^/(phpmyadmin/.*)" => "https://%1/$1") 
 } 
 </pre> 


 NOTE: the other way round (https -> http) patch is now in svn (Should be released with @if $HTTP["scheme"] 1.5.x and 1.4.19). 

 ----- 

 This worked for me on 1.4.13. Just redirects example.com/secure but not plain example.com. 
 <pre> 

 $SERVER["socket"] == "https"@ ":8080" { 
         $HTTP["url"] =~ "(.*)/secure" { url.redirect = ( "^/(.*)" => "https://www.example.com/secure/" ) } 
         server.document-root = "/var/www" 
 } 
 </pre>