Enforce site-wide SSL on Debian LAMP

Question

I have a Debian/Linux Lenny LAMP server with Plesk Panel 10.2. I have a PHP/MySQL webapp deployed in a Plesk "webspace".

I want to enforce SSL site-wide.

Do I just forward port 80 to 443? For my single domain cert, do I forward www.example.com to example.com or do I forward example.com to www.example.com?

Should this happen with .htaccess or some VirtualHost config file?

score 2 · Answer 1 · answered May 20 '11 at 13:40

2

I would use mod_rewrite.

Enable mod_rewrite and add something like this to your vhost config

RewriteEngine on
RewriteCond %{HTTPS} !On
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301]

answered May 20 '11 at 13:40

Bill B

546

score 1 · Answer 2 · edited Jul 05 '18 at 07:26

1

You can configure it in your VirtualHost config. For example have a VirtualHost for the HTTP protocol on port 80 that redirects your users to the HTTPS version:

<VirtualHost *:80>
        ServerAdmin you@example.com
        ServerName example.com
        Redirect / https://example.com/
</VirtualHost>

edited Jul 05 '18 at 07:26

Patrick Mevzek

3,180

answered Jun 19 '11 at 15:34

binfalse

5,528
4
27
28

Enforce site-wide SSL on Debian LAMP

2 Answers2