<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8" /> <meta http-equiv="Content-Language" content="en-us" /> <meta name="ROBOTS" content="ALL" /> <meta http-equiv="imagetoolbar" content="no" /> <meta name="MSSmartTagsPreventParsing" content="true" /> <meta name="Keywords" content="cherokee web server httpd http" /> <meta name="Description" content="Cherokee is a flexible, very fast, lightweight Web server. It is implemented entirely in C, and has no dependencies beyond a standard C library. It is embeddable and extensible with plug-ins. It supports on-the-fly configuration by reading files or strings, TLS/SSL (via GNUTLS or OpenSSL), virtual hosts, authentication, cache friendly features, PHP, custom error management, and much more." /> <link href="media/css/cherokee_doc.css" rel="stylesheet" type="text/css" media="all" /> </head> <body> <h2 id="_a_href_index_html_index_a_8594_a_href_cookbook_html_cookbook_a"><a href="index.html">Index</a> → <a href="cookbook.html">Cookbook</a></h2> <div class="sectionbody"> </div> <h2 id="_cookbook_redirecting_all_traffic_from_http_to_https">Cookbook: Redirecting all traffic from HTTP to HTTPS</h2> <div class="sectionbody"> <div class="paragraph"><p>Some times you will have a production website that has to be used via HTTPS. However, many users are not aware that they need to type <em>https:</em> and not <em>http:</em> into their browser. The request will simply timeout if only port 443 is used, or the users will get <em>426 Upgrade Required</em> if port 80 is also turned on on your Cherokee configuration.</p></div> <div class="paragraph"><p>No need to worry. <a href="modules_handlers_redir.html">Rewrite rules</a> can easily handle this situation.</p></div> <div class="paragraph"><p>To achive your goal you will simply have to set up a redirection making use of the <tt>${host}</tt> macro, such as the following one.</p></div> <div class="paragraph"><p>First, create a new complex rule of type <tt>NOT Is SSL/TLS</tt>, that is, make a rule of type <tt>TLS/SSL</tt>, and apply the <tt>NOT</tt> boolean operator to it.</p></div> <div class="paragraph"><p>Then configure the <tt>Redirection</tt> handler to use the specified macro like this:</p></div> <div class="tableblock"> <table rules="all" width="100%" frame="border" cellspacing="0" cellpadding="4"> <col width="50%" /> <col width="50%" /> <thead> <tr> <th align="left" valign="top">Regular Expression </th> <th align="left" valign="top">Substitution</th> </tr> </thead> <tbody> <tr> <td align="left" valign="top"><p class="table"><tt>/(.*)$</tt></p></td> <td align="left" valign="top"><p class="table"><tt>https://${host}/$1</tt></p></td> </tr> </tbody> </table> </div> <div class="paragraph"><p>Of course, this macro uses the standard template subsystem , which provides <a href="config_virtual_servers_evhost.html#slicing">slicing support</a>. This means you could specify a substitution such as <tt>https://${host}[:-4].com/$1</tt> that would redirect any matching request to an HTTPS version of that request for the <tt>.com</tt> TLD. As an example, provided all the domains matched your virtual server, you could send traffic from <tt>http://example.com</tt>, <tt>http://example.net</tt>, and <tt>http://example.org</tt> to <tt>https://example.com</tt></p></div> </div> <div id="footer"> <div id="footer-text"> </div> </div> </body> </html>