Server Fault Asked by whitelodge on December 25, 2021
I have a webserver that has an ssl certificate applied to a subdomain https://shop.example.com
. I also have the hostname http://example.com
that has no ssl certificate. When invoking https://example.com
, browsers issue a warning that a certificate could not be verified because the webserver is identifying itself as https://shop.example.com
.
I would like all traffic that hits https://example.com
to be redirected to http://example.com
, and leave https://shop.example.com
as is.
My httpd.conf file generally looks like this:
< VirtualHost 122.11.11.21:80 >
ServerName shop.example.com
.. regular old port 80 ..
< /VirtualHost >
< VirtualHost 122.11.11.21:443 >
ServerName shop.example.com
.. SSL applies here ..
< /VirtualHost >
< VirtualHost 122.11.11.21:80 >
ServerName example.com
.. regular old port 80 ..
< /VirtualHost >
It does not look as if I have SSL set up for https://example.com
yet one can invoke SSL mode and the browser identifies the connection as https://shop.example.com
. I need to redirect from https://example.com
because for some reason, Google has indexed my website with this url even though it shows a warning.
I have tried various methods to get this to redirect and nothing has worked.
Any help would be greatly appreciated.
This was lifted up on the front page and I think the answer back from 2013 was based on an assumption that certificates are expensive and that OP can't buy one for example.com
.
In this era of free Let's Encrypt certificates there's only one answer:
Get a certificate for the redirection. (Getting Started with Let's Encrypt).
Create a simple redirection, preferably using mod_alias Redirect
.
<VirtualHost *:443>
ServerName example.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
Redirect permanent / https://shop.example.com/
</VirtualHost>
Answered by Esa Jokinen on December 25, 2021
This is a generic version of the rules I use.
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www.example.com [NC]
RewriteRule ^/(.*) https://www.example.com/$1 [L,R=301]
This will permanently redirect all requests not matching the canonical name to the the canonical name. Include it in the virtualhost definition for your SSL (HTTPS site).
The following rule set should force any non-HTTPS traffic to HTTPS.
RewriteEngine On
RewriteCond %{HTTPS} !=on [NC]
RewriteCond %{HTTP_HOST} ^www.example.com [NC]
RewriteRule ^/(.*) https://www.example.com/$1 [L,R=301]
EDIT: To test the redirection you will need to accept the certificate error. You should then end up on the desired site. This is what your clients will see until you get Google to reindex your site. Logon to the Google Webmaster Tools site and resubmit your sitemap. This should result in your site being crawled fairly soon. I don't know how fast the links on the search pages will be updated. If you haven't already registered your site, you will need to add specified content on the site to prove you have control of the site. There is information on setting the preferred site name as well.
Answered by BillThor on December 25, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP