force primary domain name to use SSL force primary domain name...

Topic: force primary domain name to use SSL

Post force primary domain name to use SSL
by davidart on Saturday, January 20, 2018

I wish to force my primary Domain name to use an ssl connection.

1. If I redirect with Port forward from 80 to 443 it uses my current Dynamic IP address instead of my current main domain name so my SSL cert which uses my domain name doesn't match the destination which is the IP address an dI get a verification error.
2. If I try url forward to https://my.domain.name:443 it won't allow it saying domain name and the redirect url are the same.

So is there a method that will alias http://my.domain to https://my.domain:443 ?

Reply with quote | Report
Post Re: force primary domain name to use SSL
by anthonywebuser on Tuesday, January 23, 2018

I would suggest using web server settings to redirect http to https. I know IIS allows you to do so: HTTP to HTTPS redirects on IIS 7.x and higher. What web server are you using?

Reply with quote | Report
Post Re: Re: force primary domain name to use SSL
by davidart on Tuesday, January 23, 2018

anthonywebuser wrote:I would suggest using web server settings to redirect http to https. I know IIS allows you to do so: HTTP to HTTPS redirects on IIS 7.x and higher. What web server are you using?
Thanks you for the guidance. I'm using lighttpd but there are apparently fairly simple http -> https redirect options for it's conf file also.

Reply with quote | Report
Post Re: force primary domain name to use SSL
by davidart on Tuesday, January 23, 2018

This seems to be an accepted lighttpd.conf entry for forwarding http to https.

wrote:$HTTP["scheme"] == "http" {
# capture vhost name with regex conditiona -> %0 in redirect pattern
# must be the most inner block to the redirect rule
$HTTP["host"] =~ ".*" {
url.redirect = (".*" => "https://%0$0")
}
}
This still doesn't work I can directly enter http://my.domainname.net:443 and reach my destination but I can't force a port redirect from my.domaniname.net to my.domainname.net:443 only my.domainname.net:80 => my.ip.addr.ess:443.

Reply with quote | Report
Post Re: Re: force primary domain name to use SSL
by vesey on Sunday, January 28, 2018

davidart wrote:This seems to be an accepted lighttpd.conf entry for forwarding http to https.

wrote:$HTTP["scheme"] == "http" {
# capture vhost name with regex conditiona -> %0 in redirect pattern
# must be the most inner block to the redirect rule
$HTTP["host"] =~ ".*" {
url.redirect = (".*" => "https://%0$0")
}
}
This still doesn't work I can directly enter http://my.domainname.net:443 and reach my destination but I can't force a port redirect from my.domaniname.net to my.domainname.net:443 only my.domainname.net:80 => my.ip.addr.ess:443.
Are you using also using port forwarding function in Dynu control panel as well? If you use Dynu port forwarding, your domain my.domainname.net will be pointing to the IP address of Dynu port forwarding server. So if you try to go to my.domainname.net:80, it is not going to your web server, instead, it is going to Dynu port forwarding server. I suggest that you disable port forwarding and try.

Reply with quote | Report
Post Re: Re: Re: force primary domain name to use SSL
by davidart on Sunday, January 28, 2018

vesey wrote:
Are you using also using port forwarding function in Dynu control panel as well? If you use Dynu port forwarding, your domain my.domainname.net will be pointing to the IP address of Dynu port forwarding server. So if you try to go to my.domainname.net:80, it is not going to your web server, instead, it is going to Dynu port forwarding server. I suggest that you disable port forwarding and try.
I've pretty much tried every variant I could imagine. I've tried with and without port forwarding.
With no port forwarding:
-my.domainname.net takes me to to port 80 on my web server.
-my.domainname.net:443 is a 502 error.
-https://my.domainname.net:443/ takes me to the correct destination on web server.

Reply with quote | Report
Post Re: force primary domain name to use SSL
by blackbarret on Tuesday, January 30, 2018

Yeah there such a think indeed to enforce that, simple 'redirection' in the default vhost config entry would do that.


Redirect permanent / https://url.of you.website.on.ssl/


Remark the / in the line is not a mistake, it signifies the get request base (ex GET /)

Reply with quote | Report
Post Re: Re: force primary domain name to use SSL
by davidart on Monday, February 5, 2018

blackbarret wrote:Yeah there such a think indeed to enforce that, simple 'redirection' in the default vhost config entry would do that.


Redirect permanent / https://url.of you.website.on.ssl/


Remark the / in the line is not a mistake, it signifies the get request base (ex GET /)
unfortunately this doesn't fix the problem. I'm able to redirect traffic from http to https using
$HTTP["scheme"] == "http" {
$HTTP["host"] =~ ".*" {
url.redirect = (".*" => "https://%0$0")
}
}
This allows access to my server with "my.domain.name:81" (81 being the server.port) but I am unable to port forward default port 80 requests to port 81 (in dynu webredirect). So I can't use a simple "my.domain.name" and access my server.
I need to be able to port forward my.domain.name:80 => my.domain.name:81 and I'm only given the option of my.domain.name:80 => my.dynamic.ip.address:81

Reply with quote | Report
Post Re: Re: Re: force primary domain name to use SSL
by blackbarret on Monday, February 5, 2018

davidart wrote:
blackbarret wrote:Yeah there such a think indeed to enforce that, simple 'redirection' in the default vhost config entry would do that.


Redirect permanent / https://url.of you.website.on.ssl/


Remark the / in the line is not a mistake, it signifies the get request base (ex GET /)
unfortunately this doesn't fix the problem. I'm able to redirect traffic from http to https using
$HTTP["scheme"] == "http" {
$HTTP["host"] =~ ".*" {
url.redirect = (".*" => "https://%0$0")
}
}
This allows access to my server with "my.domain.name:81" (81 being the server.port) but I am unable to port forward default port 80 requests to port 81 (in dynu webredirect). So I can't use a simple "my.domain.name" and access my server.
I need to be able to port forward my.domain.name:80 => my.domain.name:81 and I'm only given the option of my.domain.name:80 => my.dynamic.ip.address:81
Are we talking about apache here????

Reply with quote | Report
Post Re: Re: Re: Re: force primary domain name to use SSL
by davidart on Monday, February 5, 2018

blackbarret wrote:
davidart wrote:
blackbarret wrote:Yeah there such a think indeed to enforce that, simple 'redirection' in the default vhost config entry would do that.


Redirect permanent / https://url.of you.website.on.ssl/


Remark the / in the line is not a mistake, it signifies the get request base (ex GET /)
unfortunately this doesn't fix the problem. I'm able to redirect traffic from http to https using
$HTTP["scheme"] == "http" {
$HTTP["host"] =~ ".*" {
url.redirect = (".*" => "https://%0$0")
}
}
This allows access to my server with "my.domain.name:81" (81 being the server.port) but I am unable to port forward default port 80 requests to port 81 (in dynu webredirect). So I can't use a simple "my.domain.name" and access my server.
I need to be able to port forward my.domain.name:80 => my.domain.name:81 and I'm only given the option of my.domain.name:80 => my.dynamic.ip.address:81
Are we talking about apache here????
no - lighttpd running on a dd-wrt router.

Reply with quote | Report
Saturday, August 17, 2019 6:13 AM