Feb 142015
 
Article Server Administration

There are good reasons that might lead a website administrator to take the decision to implement the HTTPS security layer. Once the certificate is installed and the web server has been configured to accept HTTPS requests, the pages in the site will be accessible using https encrypted connections. But, by that time, surely  many of the pages will have already been indexed as using the http protocol by major search engines such as Google, Yahoo or Bing. There will also be backlinks to the site from pages in other domains, using “http://”

This post explains how to setup a redirect from the old “http://” to the new “https://” urls.

To enforce HTTPS, and notify search engines about the change in protocol,  a permanent redirect has to be configured, to redirect http accesses to any url of the site to https accesses to the same url.

If the website uses apache web server package, this can be easily done by adding a couple of directives to the .htaccess file in the site’s DocumentRoot, as follows:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Naturally, the rewrite module must be enabled for these directives to work. On a linux system, the a2enmod command that comes with the apache package can be used to enable the rewrite module:

$ sudo a2enmod rewrite

And that’s all!

 Posted by at 12:19 pm

 Leave a Reply

(required)

(required)