Lighttpd下的https强制跳转

考虑到以后可能会出现的敏感内容,于是申请并且安装了个免费的startssl的证书,然后~打算看看怎么才能强制使用ssl连接。。。

以下内容摘自:http://redmine.lighttpd.net/projects/1/wiki/HowToRedirectHttpToHttps

 

How to redirect HTTP requests to HTTPS

Since 1.4.19 the following should work. For older versions check the history of this page… or just update, srsly.

Example 1 – redirect everything

$HTTP["scheme"] == "http" {
    # capture vhost name with regex conditiona -> %0 in redirect pattern
    # must be the most inner block to the redirect rule
    $HTTP["host"] =~ ".*" {
        url.redirect = (".*" => "https://%0$0")
    }
}

Example 2 – specific url

$HTTP["scheme"] == "http" {
    $HTTP["host"] =~ ".*" {
        url.redirect = ("^/phpmyadmin/.*" => "https://%0$0")
    }
}

Example 3 – only for specific vhost and url

$HTTP["scheme"] == "http" {
    $HTTP["host"] == "sth.example.com" {
            url.redirect = ("^/phpmyadmin/.*" => "https://sth.example.com$0")
    }
}

Further stuff

Also works the other way round (https -> http) with if $HTTP["scheme"] == "https"

Lighttpd、Apache强制跳转https

这两者其实质都是通过重定向来实现的,只不过lighttpd不能使用.htaccess文件,所以它的配置是写在lighttpd.conf配置文件下的。两者方法如下

Lighttpd:

#vi /etc/lighttpd/lighttpd.conf

添加如下内容:

$HTTP[“scheme”] == “http” {
# capture vhost name with regex conditiona -> %0 in redirect pattern
# must be the most inner block to the redirect rule
$HTTP[“host”] =~ “.*” {
url.redirect = (“.*” => “https://%0$0”)
}
}

Apache:

Apache的重定向可以写在配置文件(具体位置根据安装方法不同,我的使用Debian下直接apt-get的,其路径为 /etc/apache2/sites-enabled/000-default)

也可以直接写在目录的.htaccess文件下

如果需要整站跳转,则在网站的配置文件的<Directory>标签内,键入以下内容:

RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$ //也可以这么写RewriteCond %{HTTPS} off,呵呵,下面的例子又是一种写法,至于为什么,自己想去
RewriteRule ^(.*)?$ https://%{SERVER_NAME}/$1 [L,R]
如果对某个目录做https强制跳转,则复制以下代码:
RewriteEngine on
RewriteBase /yourfolder
RewriteCond %{SERVER_PORT} !^443$
#RewriteRule ^(.*)?$ https://%{SERVER_NAME}/$1 [L,R]
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

或者这样

#RewriteCond %{HTTP_HOST} !=’你的域名(包括引号,不带http前缀哦)’ [NC,OR]
#RewriteCond %{HTTPS} !=on [NC]
#RewriteRule ^(.*)$ https://’你的域名加访问路径(含引号)’%{REQUEST_URI} [L,R=301]
如果只需要对某个网页进行https跳转,可以使用redirect 301来做跳转!

redirect 301  /你的网页 https://你的主机+网页

其实,rewrite规则就是正则表达式,具体的怎么写法,等有时间再整理下。