Tech Tips  
Home   Company   Solutions   Products   Sales   Services   Support
   How to redirect users to HTTPS page only

Once enabled SSL termination on WebMux, some companies want to enforce HTTPS only on their site, like web mail servers, etc. However, sometimes the web server may redirect the browser to another page, in that process, web server did not know the original request was HTTPS encrypted, it simply redirect the browser to the HTTP port.

In WebMux farm setup, you could enable the "tag SSL-terminated HTTP requests". By change that to "Yes", decrypted traffic will have the added MIME header "X-WebMux-SSL-termination: true" . You can then write script on your server to identify if the original traffic was HTTPS or HTTP, then properly redirect the traffic to the HTTPS.

However, if you want to enforce all the traffic be HTTPS, you can modify the Apache httpd.conf file to rewrite the URL:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP:X-WebMux-SSL-termination} !^.*true
RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
RewriteLog /var/log/httpd/rewrite_log
RewriteLogLevel 1
** Special thanks to Richard L. Cox for his contribution.

On the Microsoft®IIS 6 server, instead of check each URL and issue rewrite on each URL, you could open IIS MMC tool, select properties for the site, go to the directory security tag, click the edit button at the bottom in the secure communications, then check the reqruire secure channel option. Then go to custom error tab under IIS MMC tool to select 403;4 error and setup response "Redirect("").

On Microsoft® IIS 7 server, you can follow these steps to requrie Secure Sockets Layer (IIS7):
1) Open IIS Manager and navigate to the level you want to manage;
2) In Features View, double-click SSL Settings;
3) On the SSL Settings page, select Require SSL;
4) In the Actions pane, click Apply.

IIS 7 URL rewrite module is a seperate download from Microsoft site. You will need to configure that for URL rewrite.

Contact us   Jobs   Press   Privacy   Terms of use
Copyright © 1987- CAI Networks, Inc. Copyright © 1998-2000 Red Hill Networks, Inc. All rights reserved.