Forum
HTTP to HTTPS
gerald.hild
18 October 2017, 10:28
Hello,
I want to redirect all request on port 80 to the port 443 because I have a site in https format and if a user want to access it in http, I want it is redirect to the https.
for exemple : if the user type http://192.168.1.1/index.html, I want to he is automaticaly redirect to https://192.168.1.1/index.html
My webserver doesn't have any name. We access to it only by IP address.
I put my configuration file :
I don't know how I can do that.
Thank for your help
I want to redirect all request on port 80 to the port 443 because I have a site in https format and if a user want to access it in http, I want it is redirect to the https.
for exemple : if the user type http://192.168.1.1/index.html, I want to he is automaticaly redirect to https://192.168.1.1/index.html
My webserver doesn't have any name. We access to it only by IP address.
I put my configuration file :
# Hiawatha main configuration file
#
# GENERAL SETTINGS
#
#ServerId = www-data
ConnectionsTotal = 250
ConnectionsPerIP = 25
SystemLogfile = /var/log/hiawatha/system.log
GarbageLogfile = /var/log/hiawatha/garbage.log
ExploitLogfile = /var/log/hiawatha/exploit.log
# BINDING SETTINGS
# A binding is where a client can connect to.
#
#Binding {
# Port = 80
# MaxRequestSize = 40000
# Interface = 127.0.0.1
# MaxKeepAlive = 30
# TimeForRequest = 3,20
#}
#
Binding {
Port = 443
MaxRequestSize = 40000
# RequireTLS = yes
# Interface = ::1
# MaxKeepAlive = 30
TimeForRequest = 120,600
TLScertFile = /etc/hiawatha/tls/server_certificat.pem
}
# BANNING SETTINGS
# Deny service to clients who misbehave.
#
#BanOnGarbage = 300
#BanOnMaxPerIP = 60
#BanOnMaxReqSize = 300
#KickOnBan = yes
#RebanDuringBan = yes
# COMMON GATEWAY INTERFACE (CGI) SETTINGS
# These settings can be used to run CGI applications.
#
#CGIhandler = /usr/bin/perl:pl
#CGIhandler = /usr/bin/php-cgi:php
#CGIhandler = /usr/bin/python:py
#CGIhandler = /usr/bin/ruby:rb
#CGIhandler = /usr/bin/ssi-cgi:shtml
CGIhandler = /usr/bin/slt_plugin:slt
#CGIextension = slt
#
#FastCGIserver {
# FastCGIid = PHP5
# ConnectTo = 127.0.0.1:2005
# Extension = php
#}
# URL TOOLKIT
# This URL toolkit rule was made for the Banshee PHP framework, which
# can be downloaded from http://www.hiawatha-webserver.org/banshee
#
#UrlToolkit {
# ToolkitID = banshee
# RequestURI isfile Return
# Match ^/(css|files|images|js|slimstat)($|/) Return
# Match ^/(favicon.ico|robots.txt|sitemap.xml)$ Return
# Match .*\?(.*) Rewrite /index.php?$1
# Match .* Rewrite /index.php
#}
# DEFAULT WEBSITE
# It is wise to use your IP address as the hostname of the default website
# and give it a blank webpage. By doing so, automated webscanners won't find
# your possible vulnerable website.
#
TimeForCGI = 15
Hostname = 127.0.0.1
WebsiteRoot = /var/www/hiawatha
StartFile = index.html
ExecuteCGI = yes
NoExtensionAs = slt
AccessLogfile = /var/log/hiawatha/access.log
ErrorLogfile = /var/log/hiawatha/error.log
#ErrorHandler = 404:/error.cgi
# VIRTUAL HOSTS
# Use a VirtualHost section to declare the websites you want to host.
#
#VirtualHost {
# Hostname = www.my-domain.com
# WebsiteRoot = /var/www/my-domain/public
# StartFile = index.php
# AccessLogfile = /var/www/my-domain/log/access.log
# ErrorLogfile = /var/www/my-domain/log/error.log
# TimeForCGI = 5
# UseFastCGI = PHP5
# UseToolkit = banshee
#}
# DIRECTORY SETTINGS
# You can specify some settings per directory.
#
#Directory {
# Path = /home/baduser
# ExecuteCGI = no
# UploadSpeed = 10,2
#}
I don't know how I can do that.
Thank for your help
Joe Schmoe
18 October 2017, 14:43
Just add bindings for both IPs to the VirtualHost, configure TLS and let Hiawatha handle it.
VirtualHost {
Hostname = mywebsite.org, www.mywebsite.org
RequiredBinding = main-http, main-https
....
TLScertFile = /etc/hiawatha/tls/mywebsite.org.pem
RequireTLS = yes, 26784000
Joe Schmoe
18 October 2017, 14:49
Argh, reading comprehension problems this morning. Not sure you can get SSL certificates for an IP address.
Hugo Leisink
18 October 2017, 15:01
I don't know any CA who issues certificates for IP addresses. Specially not the 192.168.x.x addresses. You can however, setup your own CA and issue your own certificates.
gerald.hild
19 October 2017, 14:08
Thanck you for your respons.
So, if I understand, I must set the name like : Hostname = 192.168.1.1 for exemple and use virtual host. The default website can't is used for redirection. It's a little bit difficult because when my product use dhcp, when the IP address change, I need to restart hiawatha. My product don't use DNS. This is why I use IP address.
Hugo, I can use IP address in SSL because I can generate my CA in the product so if you change the IP, the product change also the CA.
Thanck you very much for your help, I 'll test the virtual host to do what I want.
So, if I understand, I must set the name like : Hostname = 192.168.1.1 for exemple and use virtual host. The default website can't is used for redirection. It's a little bit difficult because when my product use dhcp, when the IP address change, I need to restart hiawatha. My product don't use DNS. This is why I use IP address.
Hugo, I can use IP address in SSL because I can generate my CA in the product so if you change the IP, the product change also the CA.
Thanck you very much for your help, I 'll test the virtual host to do what I want.
This topic has been closed.
Copyright © by Hugo Leisink. All rights reserved.
Built upon the Banshee PHP framework.
Built upon the Banshee PHP framework.
