Apache: How To Redirect http to https

If you want to direct traffic from your http so that it gets encrypted, this is really easy to do in Apache:

Step one: Set up your https vhost:

<IfModule mod_ssl.c>
DocumentRoot /var/www
# other server options go here as needed
# – logging for example
SSLEngine on
SSLCertificateFile /etc/ssl/certs/example.cert
SSLCertificateKeyFile /etc/ssl/private/example.key
# Add other SSL specific options as needed</pre>

Step two: Set up your http vhost:

ServerName my.example.com
RedirectPermanent / https://my.example.com/

We have previously posted more information on enabling SSL in Apache.

Obviously, instead of and my.example.com you’ll have to use your own IP and hostname, whatever they may be.

Note that this will redirect everything from http to https. Finer control is possible, for example you could do:

RedirectPermanent /secure/ https://my.example.com/secure/

Or you could use RewriteRules for even more control. However, in the age of mass surveillance and constant threats from hackers, a general redirect to https is a good idea.

3 thoughts on “Apache: How To Redirect http to https”

  1. Just want to let the readers know that they must include the bracket angle and slash. WordPress is filtering html code so they must edit accordingly. Thanks

  2. Yup, myweb.com (without a preceding hostname) and http://www.myweb.com are unique and would require different certificates. myweb.com – without a prefix – would also not be covered by a *.myweb.com wildcard certificate, which is counter-intuitive to a lot of people. Thanks for your comment, passerby!

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: