Force https connection

Dabless · July 4, 2016, 8:07pm

Please fill out the fields below so we can help you better.

My domain is: blindbeavernation.net and bbnation.asuscomm.com

I ran this command:./letsencrypt-auto --apache -d bbnation.asuscomm.com -d blindbeavernation.net

It produced this output:everything is allright

My operating system is (include version): Ubuntu server 14.04lst

My web server is (include version): apache2

My hosting provider, if applicable, is:Videotron (port 80 is blocked but not 443)

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

Hi ! https is enable, but I want to force it. I check the “secure” option in the setup, it works for “bbnation.asuscomm.com” but not for “blindbeavernation.net”. It’s kind of wierd.

More info : blindbeavernation.net use CNAME to point on bbnation.asuscomm.com

kenarsuleyman · July 4, 2016, 9:59pm

Think simple just redirect them
Add this code to your htaccess

RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Dabless · July 4, 2016, 10:01pm

I am a total noob with this, where is my htacess ?

kenarsuleyman · July 4, 2016, 10:13pm

.htaccess is a file which stores extra configrations for apache servers. Go to parent directory of your site create .htaccess file if not exists (dont forget add dot “.” to beginning of file name ) and paste above code inside.

Dabless · July 4, 2016, 10:21pm

Will this really work since my port 80 is blocked ? I mean, the user need to reach port 80 to know that he is redirect to port 443 ? And why do I need to do this for this domain but not for bbnation.asuscomm.com ? that’s odd

rugk · July 4, 2016, 10:27pm

When port 80 is blocked it won’t work. However it is bad practise to do this. Just always serve a redirect when you want to force HTTPS.

Additionally you might consider using the HSTS header to force HTTPS also for future connection. Be aware that dropping HTTPS support in the future will be difficult if you use this header.

Dabless · July 4, 2016, 10:38pm

Thank you for the respond, the thing is, I don’t get why it works with out the HSTS header on one of my domain and not on the other that is pointing to the same IP adress. If I type “bbnation.asuscomm.com” it’s automaticly in HTTPS, but if I tryed blindbeavernation.net it’s not. it’s kind of wierd I sucess for one and fail for the other, yet, I am using the same procedure

rugk · July 4, 2016, 10:42pm

I have not checked your domains, but you have to receive the header before it can actually redirect you.
As said adding a redirect should help you.

Dabless · July 4, 2016, 10:50pm

Thing is, my ISP block the port 80, that’s why I am using the port 443

rugk · July 4, 2016, 11:06pm

Oh that’s ugly. If my ISP would do such a thing I would personally look for another ISP. Because naturally your ISP could also start blocking port 443 later.
So as for your actually issue it depends for what you want to use your website. Is it only accessed by web browsers?

If so first manually access your (sub)domain with HTTPS and if the header is correctly set (which you can e.g. see in the developer console of the browser) all later requests should be redirected.
However you of course can’t expect other visitors to do the same.
You might try to get listed on https://hstspreload.appspot.com/, but AFAIK they require a HTTPS redirect. Additionally even if your ate included it takes months until a new browser release with this list is published.

kenarsuleyman · July 5, 2016, 8:17am

Why an ISP blocks 80 port I have no idea. There should be international standards every ISP have to follow.

Dabless · July 5, 2016, 4:12pm

it’s beacause they want us to use a “entreprise” service if we want to host a webpage. They want us to pay more for the port 80

system · August 4, 2016, 4:12pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.