Requests are not redirecting to the secure HTTPS access

Server
1

When I installed certbot on my server, I choose the option 2: Secure - Make all requests redirect to secure HTTPS access to the question Please choose whether HTTPS access is required or optional.. After that, I restart apache and try access the website to test the secure access, which only works with https:// and not with http:// (I assuming that the redirection is not working).

One note: after that question, the warning Enhancement redirect was already set. is displayed on screen. Could this be the motive for the redirection not working? How to solve this issue to make all request be redirected to the secure HTTPS access?

my 000-default.conf file:

<VirtualHost *:80>
    # The ServerName directive sets the request scheme, hostname and port that
    # the server uses to identify itself. This is used when creating
    # redirection URLs. In the context of virtual hosts, the ServerName
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.
    #ServerName www.example.com
    ServerName klebermota.eti.br
    ServerAlias www.klebermota.eti.br

    ServerAdmin klebermo@gmail.com
    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =klebermota.eti.br
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

my 000-default-le-ssl.conf file:

<IfModule mod_ssl.c>
<VirtualHost *:443>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com
        ServerName klebermota.eti.br
        ServerAlias www.klebermota.eti.br

        ServerAdmin klebermo@gmail.com
        DocumentRoot /var/www/html

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
        RewriteEngine on
# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.

#RewriteCond %{SERVER_NAME} =klebermota.eti.br
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
SSLCertificateFile /etc/letsencrypt/live/klebermota.eti.br/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/klebermota.eti.br/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
2

Hi @klebermo,

You are only using a RewriteCond for klebermota.eti.br and that redirection is working fine but you have not defined a RewriteCond to match www.klebermota.eti.br so you need to add one.

For example:

RewriteEngine on
RewriteCond %{SERVER_NAME} =klebermota.eti.br [OR]
RewriteCond %{SERVER_NAME} =www.klebermota.eti.br
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

There are a lot of ways to redirect your domain, you can also use the Redirect directive so you can delete above 4 lines and use just this one:

Redirect permanent / https://klebermota.eti.br/

You need to restart or reload your apache server after made any change to the conf files so they can take effect.

I hope this helps.

Cheers,
sahsanu

1 Like
3

I don’t know if helped, because when I access here the root (/) is not secured, or any page under that, except /wp-admin/index.php or /wp-login.php. Could some script in the page interfere with the way the page is transmitted via HTTPS?

4

The secure site contains insecure content - like:
<img src="http://www.klebermota.eti.br/…

checkout: https://www.whynopadlock.com/

5

Hi @klebermo,

The redirection is working fine now but as @rg305 said, your site is trying to load contents from urls using http instead https and that is the reason that you can’t see a green lock in your browser in some pages. Check your site using the url provided by @rg305 and you will see the “bad” links that you need to correct in your site.

Cheers,
sahsanu

1 Like
6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.