[CentOS] redirecting outside connections to https on apache

Mon Apr 14 19:19:19 UTC 2008
Jeff Larsen <jlar310 at gmail.com>

On Mon, Apr 14, 2008 at 12:33 PM, Barry Brimer <lists at brimer.org> wrote:
> Quoting ankush grover <ankushcentos at gmail.com>:
>
>  > Hi friends,
>  >
>  > There are about 15 applications hosted on different in our
>  > infrastructure mostly running on apache/iis/tomcat. We have a frontend
>  > apache server running on Centos 4.4 64bit which make these
>  > applications accessible to outside world.
>  >
>  > For the applications which are running on tomcat we are running
>  > jkmount to make these applications available without mentioning tomcat
>  > ports. For apache/iis applications we are using ProxyPass. The issue
>  > we are facing is that we are not able to make these applications
>  > accessible through https automatically means if the user is not from
>  > within the LAN then the http link should automatically redirected to
>  > https. We already have GoDaddy stamped ssl certificate on this apache
>  > frontend server but we are struggling for rules for outside world.
>  >
>  > What is the best way to make these applications accessible to outside
>  > world through https connections only that is if somebody use
>  > http://xx.xx.com/xx to use the application it should be redirected to
>  > https we don't have the requirement for https connections from within
>  > the LAN but definitely for outside connections.
>  >
>  > JkMount /team/* team
>  > JkMount /team team
>  >
>  > Then we have rules for this in the workers.properties file
>  >
>  >
>  > ProxyPass /public http://my.testing.com/public
>  > ProxyPassReverse /public https://my.testing.com/public
>
>  You can force to ssl by using something like this with mod_rewrite
>
>  RewriteRule ^(.*)$ https://www.domain.com/$1 [R,L]
>
>  Details on how to select your condition for this statement is available at:
>  <http://askapache.info/trunk/mod/mod_rewrite.html#rewritecond>
>

To clarify, the proxy pass configuration is irrelevant. The https
rewrite rule is applied to the outside facing web server for whatever
URL patterns you wish to secure. You don't need to do anything to the
back-end web server.

Here's a useful example on the rewrite: http://tinyurl.com/6l7erl

-- 
Jeff