Http://www traffic not being diverted to https


#1

Just installed letsincrypt and it was painfree and works well (thank you!), however I’ve noticed that when I access my site via www.digitalnut.co.uk/ it doesn’t redirect to https.
If I access my site via digitalnut.co.uk/ then it does redirect to https.

Checking my default apache conf file I see that letsencrypt has added ‘digitalnut.co.uk’, but there is nothing to redirect www traffic.

RewriteEngine on
RewriteCond %{SERVER_NAME} =digitalnut.co.uk
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

Should (and how!) this rewrite rule be amended to redirect www traffic.

Paul


Installation help for a non-technical person?
#2

The way I use is to make another pair of virtual hosts for redirecting from other names. Like this:

<VirtualHost *:443>
        ServerName domain.tld
        Redirect "/" "https://www.domain.tld/"

        SSLEngine on
        SSLCertificateFile    /etc/letsencrypt/live/domain.tld/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/domain.tld/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/domain.tld/chain.pem
        SSLUseStapling on
</VirtualHost>

With the same on port 80 but without the SSL lines.


#3

Hello @rossoreed,

I don’t know what is the rest of your conf and I’m not a big fan of rewrite directives but you could add a new RewriteCond pointing to your www domain.

RewriteEngine on
RewriteCond %{SERVER_NAME} =digitalnut.co.uk [OR]
RewriteCond %{SERVER_NAME} =www.digitalnut.co.uk
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

After the change you should restart or reload apache web server.

Good luck,
sahsanu


#4

Thank you, made the change and all is well!
I didn’t add the rewrite rule, presumably added by letsencrypt, and surprised that it didn’t add www by default.

Paul


#5

Hi @rossoreed, the Let’s Encrypt client doesn’t add www to any names you request – if you want www.example.com alongside example.com, you need to specify -d example.com -d www.example.com. I think this also applies to setting up redirects in your Apache configuration.


#6

Thanks @schoen
When I installed letsencrypt, I used the command;
./letsencrypt-auto -d digitalnut.co.uk -d www.digitalnut.co.uk --apache -m myemail@gmail.com --redirect --agree-tos
to capture both www and non-www traffic, that’s why I was surprised that Letsencrypt didn’t add a www redirect to my default apache conf file.

Paul