Published on: April 8, 2019 by Anitta Jose
Scenario:
SSL certificates are used to secure our websites. Once we install SSL on our website, we should redirect all our website URL’s to its HTTPS version. There are many ways to redirect http to https.
If we are having a user level access in an Apache server, .htaccess file is the better way. Same would work for OpenLiteSpeed also. Have you heard of .htaccess files? A .htaccess file also called Hypertext file, helps us to configure our website without editing server wide configuration. It controls the directory and its sub-directories in which it is placed. Add the following lines in .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https:
//%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC]
RewriteCond %{HTTPS} off
RewriteRule ^ https:
//%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
<VirtualHost *:
80
>ServerName www.domain.com
Redirect / https:
//www.domain.com/
</VirtualHost>
<VirtualHost *:
443
>
ServerName www.domain.com
# ... SSL configuration goes here
</VirtualHost>
If the server is having Nginx as its webserver, then edit its configuration file and add the following lines:
server {
listen
80
;
server_name www.domain.com;
return
301
https:
//$server_name$request_uri;
}
server {
listen
443
ssl;
server_name www.domain.com;
# Add Strict-Transport-Security to prevent Man in the Middle Attacks (HSTS Policy)
add_header Strict-Transport-Security
"max-age=31536000"
always;
[.…]
}
Man in the Middle Attack is an attack where an attacker secretly interferes the communication between two parties who believe they are communicating with each other. HSTS helps to prevent this attack. Actually HSTS is a web security policy by which the website inform the browsers that it should never load the site using HTTP but only using HTTPS protocol.
While using the above codes, don’t forget to replace “domain.com” with the actual domain name.
The SSL certificate installation is now completed, and our website is configured to accept secure connections.
Category : General, Howtos
Add new commentSIGN IN