Forum

redirect HTTP to HTTPS

Gour
9 February 2015, 16:21
Hiawatha is running behind nginx (reverse-proxy) and the support stuff installed my SSL certs.

For some sites, I want access only via HTTPS and Webfaction docs says to put the following in .htacces file:

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-SSL} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]


in order to make Apache running behind nginx happy.

Now I wonder if in such setup I could solve the issue by only deploying some URL toolkit's rules (any help in translating above)?



Hiawatha version: 9.11
Operating System: CsntOS x86_64
Hugo Leisink
9 February 2015, 18:25
To enforce the usage of HTTPS, simply add the following to your virtual host configuration.
RequireSSL = yes
Gour
10 February 2015, 01:59
That was, of course, first thing that I try, but, somehow, when used, behind Webfaction's reverse-proxy, it creates infinite redirect loop..

Any idea?
Hugo Leisink
10 February 2015, 09:47
Since Hiawatha is running behind a reverse proxy, it's better to enable the enforce-HTTPS on the reverse proxy.
Gour
10 February 2015, 11:02
Since Hiawatha is running behind a reverse proxy, it's better to enable the enforce-HTTPS on the reverse proxy.

You're right...I had wrong assumption that considering that I serve PHP sites with my own webserver and running my own instance of PHP-FPM that this [docs.webfaction.com] does not apply to my case.

After creating that dummy 'app' and 'site', everything is fine.
This topic has been closed.