We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
force https?
force https?
Hello
I use nginx + php-fpm
How to force https subdomain? I use sub.example.com and i want to force it to https://sub.example.com
How to do it? Thanks for helping me ! :)
I use nginx + php-fpm
How to force https subdomain? I use sub.example.com and i want to force it to https://sub.example.com
How to do it? Thanks for helping me ! :)
Re: force https?
Create a .htaccess file at your public_html folder
Code: Select all
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Re: force https?
Hey, after add .htaccess and put this and refreshig website still not force https is only : sub.example.comLone wrote:Create a .htaccess file at your public_html folder
Code: Select all
RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Re: force https?
Some codes might be clashing.
Here are the step by step instructions.
There are two types of ways you can do this.
1st way - .htaccess
Open the .htaccess file in the public_html folder of your website and put the following code.
or download and upload the file https://www.dropbox.com/s/zoid0kkc4rpz4 ... ccess?dl=0
You can upload separate .htaccess files in your subdomain sites too.
2nd way - php
Open your index.php or the header file and put this at the top
I hope this helped you :)
Here are the step by step instructions.
There are two types of ways you can do this.
1st way - .htaccess
Open the .htaccess file in the public_html folder of your website and put the following code.
Code: Select all
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Header always set Strict-Transport-Security "max-age=31536000"
</IfModule>
#for subdomains
<IfModule mod_headers.c>
Header set Strict-Transport-Security "max-age=10886400; includeSubDomains; preload" env=HTTPS
</IfModule>
or download and upload the file https://www.dropbox.com/s/zoid0kkc4rpz4 ... ccess?dl=0
You can upload separate .htaccess files in your subdomain sites too.
2nd way - php
Open your index.php or the header file and put this at the top
Code: Select all
<?php if(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "off"){
$redirect = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header('HTTP/1.1 301 Moved Permanently');
header('Location: ' . $redirect);
exit();
} ?>
Re: force https?
Thanks dude the 2nd way helped much, i think htaccess working only on apache:) i use nginx + php-fpmvikhyat wrote:Some codes might be clashing.
Here are the step by step instructions.
There are two types of ways you can do this.
1st way - .htaccess
Open the .htaccess file in the public_html folder of your website and put the following code.
Code: Select all
<IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{HTTPS} !=on [NC] RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] Header always set Strict-Transport-Security "max-age=31536000" </IfModule> #for subdomains <IfModule mod_headers.c> Header set Strict-Transport-Security "max-age=10886400; includeSubDomains; preload" env=HTTPS </IfModule>
or download and upload the file https://www.dropbox.com/s/zoid0kkc4rpz4 ... ccess?dl=0
You can upload separate .htaccess files in your subdomain sites too.
2nd way - php
Open your index.php or the header file and put this at the top
I hope this helped you :)Code: Select all
<?php if(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "off"){ $redirect = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; header('HTTP/1.1 301 Moved Permanently'); header('Location: ' . $redirect); exit(); } ?>
Re: force https?
Glad to know this helped
Also, Nginx + php-fpm shouldn't be a problem at all. There must be a problem with the inclusion of .htaccess file.
Also, Nginx + php-fpm shouldn't be a problem at all. There must be a problem with the inclusion of .htaccess file.
Re: force https?
Hi :)
I used the 2nd solution too, but I thing after the next CMS upgrade, the original index.php file will be overwritten.
As we can't use .htaccess to force https rewriting, what is the cleanest way to set this with nginx+php-fpm ?
I used the 2nd solution too, but I thing after the next CMS upgrade, the original index.php file will be overwritten.
As we can't use .htaccess to force https rewriting, what is the cleanest way to set this with nginx+php-fpm ?
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: force https?
Nginx doesn't honor or read .htaccess
Replace the RED TEXT with your values
nano /home/<vesta user>/conf/web/nginx.conf
just after server_name <domain name> Line paste the following code
Please note the above line will Redirect to www. You can remove "www" if you want plain https://domain.name
Hope this helps
The proper (and simple) way to FORCE https is to put this ONE LINE in your Nginx.conf's server block. for Eg:zoxovsky wrote: I use nginx + php-fpm
How to force https subdomain? I
Replace the RED TEXT with your values
nano /home/<vesta user>/conf/web/nginx.conf
just after server_name <domain name> Line paste the following code
Code: Select all
return 301 https://www.$server_name$request_uri;
Hope this helps
Re: force https?
This is perfect ! Thank you :)
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: force https?
glad...
Do not use PHP Redirect, it will cause many SEO issues.
Also,
pls mark the topic solved
Do not use PHP Redirect, it will cause many SEO issues.
Also,
pls mark the topic solved