The last few day’s I’ve been toying with Nagios, setting up a monitoring system. An Apache redirect to HTTPS was one of the tasks I wanted to accomplish. This would redirect the Nagios vhost from HTTP to HTTPS using an Apache 2.4.6 VirtualHost, and no resource expensive rewrite would be necessary.
A permanent redirect in Apache using status code 301
An easy HTTP to HTTPS redirect in Apache is often better accomplished in the Apache configuration, if you have access to the configuration files, rather than by using a
.htaccess file. A rewrite is often a relatively resource expensive operation.
mod_alias provides the
RedirectMatch directives, which provide a means to redirect one URL to another. This kind of simple redirection of one URL, or a class of URLs, to somewhere else, should be accomplished using these directives rather than a mod_rewrite
RewriteRule. The Redirect directives are used to instruct clients to make a new request with a different URL. They are often used when a resource has moved to a new location (source).
Looking to move WordPress to HTTPS? See this guide!
The first step in redirecting HTTP traffic to HTTPS in Apache is to create two VirtualHost directives for your website. One for HTTP (
*:80) and one for HTTPS (
The next step is to use the Redirect directive to redirect one VirtualHost to another.
See the following, complete, VirtualHost configuration to redirect Nagios from HTTP to HTTPS on Apache:
<VirtualHost *:443> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. ServerName www.example.com ServerAdmin email@example.com DocumentRoot /data/example.com/http/ # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. # LogLevel info ssl:warn # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". # Include conf-available/serve-cgi-bin.conf ScriptAlias /cgi-bin/ "/data/example.com/http/cgi-bin/" AddHandler php5-script .php AddHandler cgi-script .pl .cgi DirectoryIndex index.php AddType text/html .php <Directory "/data/example.com/http/"> Options None AllowOverride None </Directory> <Directory "/data/example.com/http/cgi-bin/"> AllowOverride None Options ExecCGI </Directory> ErrorLog /data/log/example.com/ssl-error.log CustomLog /data/log/example.com/ssl-access.log combined SSLEngine On SSLCertificateFile /data/example.com/ssl/example.com.crt SSLCertificateKeyFile /data/example.com/ssl/example.com.key </VirtualHost> <VirtualHost *:80> ServerName www.example.com DocumentRoot /data/example.com/http/ ErrorLog /data/log/example.com/error.log CustomLog /data/log/example.com/access.log combined Redirect / https://www.example.com/ </VirtualHost>
RedirectMatchdirectives, which provide a means to redirect one URL to another. Use this to set up an apache 2.4 redirect from HTTP to HTTPS.
Redirect / https://www.example.com/ line is what redirects HTTP traffic to HTTPS, e.g from http://www.example.com to https://www.example.com. The rest of the VirtualHost configuration is pretty much self explanatory.
Pro Tip: For Windows Server IIS you can use IIS’ httpRedirect HTTP to HTTPS
# 2.2 configuration: Order allow,deny Allow from all
# 2.4 configuration: Require all granted
If you want to step in to help me cover the costs for running this website, that would be awesome. Just use this link to donate a cup of coffee ($5 USD for example). And please share the love and help others make use of this website. Thank you very much!
My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, websites & optimization.
SSL in WordPress: how to move WordPress to HTTPS? The definitive guide
How to enable HTTP Strict-Transport-Security (HSTS) on IIS
Load Transposh Translation Filter over HTTPS
Release hold queue email in Postfix – postsuper
Recursive scp and symlinks
Install Varnish Cache on CentOS 6.7