I know that in Plesk 10 all content should be placed inside the httpdocs folder.
But then how do you differentiate between what needs to be secured (ssl, like a login-based site) and what does not needs to be secured (a public website)?
Another question: if I create a subdomain "secure" (secure.mydomain.tld) to contain my old https-documents, how do I make it accessible only with https:// and not with common http?
There are passwords to be filled in and I want to use HTTPS to secure this.
Anyone attempting http://secure.mydomain.tld should be redirected to https://secure.mydomain.tld.
I suggest using a .htaccess to do this:
RewriteEngine On
RewriteCond %{HTTPS} !^on$
RewriteRule (.*) https://yourdomain/$1 [R,L]
Related
Today I installed the SSL certificate in my GoDaddy hosting account.
Everything seems to work when I type "https://myDomain.co.il, meaning, my website is secured.
But when I type HTTP://myDomain.co.il, my website is not secured.
As I was looking for an answer to solve this problem, I found an article in GoDaddy that explains how to redirect HTTP to https.
Is says that I need to open a file inside public_html called .htaccess.
Inside the file, I wrote the following code:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www\.)?coolexample\.com
RewriteRule ^(.*)$ https://www.coolexample.com/$1 [R,L]
Unfortunately, it's not working.
Another question, when I'll solve this problem, if I will type www.myDomain.co.il or myDoamin.co.il, will it redirect to https as well?
I have an PlayFramework App developed using Scala running on Heroku; I only mention the development language and framework because any posts I've found regarding this issue relate to PHP! I have http and https running on a custom domain but I would like to force http requests to be redirect to https.
I've found that I need to update the .htaccess file with the following:
##Force SSL
#Normal way (in case you need to deploy to NON-heroku)
RewriteCond %{HTTPS} !=on
#Heroku way
RewriteCond %{HTTP:X-Forwarded-Proto} !https
#If neither above conditions are met, redirect to https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
But I am not sure if it is possible or how to set up the .htaccess file using Play and Scala.
Please can someone advise? Thanks.
All you need to do is to add
play.filters.enabled += play.filters.https.RedirectHttpsFilter
In your .conf file.
It will redirect all HTTP requests to HTTPS automatically.
It only works in production mode by default. To change that, add :
play.filters.https.redirectEnabled = true
See the RedirectHttpsFilter
documentation for more.
I have a website (built in ruby with .erb extensions) with mixed content (like a Wistia video) and so want to have that URL as http://domain.com.
However, when users click on "register," I want to direct them to an EV SSL-encrypted https://subdomain.domain.com/register folder.
Both of the above URLs work just fine, and the https URL displays the green EV SSL properly.
BUT, if in the low-probability event a user were to type "http://*/register" into his browser's address bar, that goes to the same /register page and allows him to register on that non-encrypted page. I really do not want that to happen.
I want to redirect anyone who tries to access the /register file via http to only the EV SSL-encrypted one, that is: https://*/register
sorry for using * wildcard, but I can only post 2 links.
I'm using Ubuntu 12.04 OS on an apache2 server and generally modify via ssh on my Mac's Terminal app.
Put this code in your DOCUMENT_ROOT/.htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^subdomain\. [NC]
RewriteRule ^register(/.*)?$ https://subdomain.domain.com/register$1 [L,NC,R=301]
Thanks for replying so quickly, Anu. That may have worked, but Rackspace support used a 301 redirect in a .conf file, and it definitely worked:
/etc/apache2/sites-enabled/domain.com.conf:5
==================================
redirect 301 /register https://subdomain.domain.com/register
i am trying to redirect all subdomains with more than 2 letters :
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^([^\.]{2,})\.domain\.com$ [NC]
RewriteRule .* index.php?page=static&subject=%1 [L,QSA]
for example : about.domain.com to display content of domain.com/?page=static&subject=about
but the URL remains about.domain.com in the browser
as well as if you're on about.domain.com and requested another page on that domain ( all pages go through index.php?page=blablabla) you need to be redirected back to domain.com/(whatever requested)
Same-domain internal rewrites can be done with the [P] (proxy) option.
If you need to reverse proxy a URL from the same virtual host config, you might be able to get away with a [P] rule, but if the domain of the internal request is from a different virtual host (or on a different box entirely) you probably need to look at a ProxyPass config.
In either case you will need mod_proxy installed and enabled.
My question is regarding RewriteMap on apache2: I want to apply a rewrite condition, so that all request on my proxy are proxied to an completely new domain.
Eg localhost/test or any other url should just go to www.mydomain.com:
RewriteRule / http://www.mydomain.com [P]
Works fine. If I access localhost, I still see "localhost" in my browser address line, but mydomain.com is presented. BUT if I now click on any link on this mydomain site, I will get a "Not Found" response.
The sourecode of mydomain contains eg this link:
Link
If I access the site in a normal way, this would result in: www.mydomain.com/lab/sale.php, and works fine.
If I access the site through my proxy and the rewriteRule takes place, I would after the link click be directed to: localhost/lab/sale.php, which does not exist of course.
Question: how can I a user that accesses the site through my proxy browse on the whole site as if he would really access this site?
The RewriteRule directive isn't like a ProxyPass or Redirect where they essentially link 2 nodes together and everything following it also gets proxied. The rule that you have only proxies the request URI /, not /lab/ or /etc.php or anything else. You need to create a match and pass that along as a backreference:
RewriteRule ^/?(.*)$ http://www.mydomain.com/$1 [P]
Or you can use the %{REQUEST_URI} variable:
RewriteRule ^ http://www.mydomain.com%{REQUEST_URI} [P]