总是在Apache 2上重新路由从http到https的所有stream量的最佳方式是什么?
所有到80的请求应该到443。
(我正在使用Ubuntu + Apache 2)
扩展freiheit的答案,删除一些冗余部分,消除对mod_rewrite的依赖(和相关的速度损失),并添加一些安全性:
<VirtualHost 1.2.3.4:80> ServerName SSL.EXAMPLE.COM CustomLog /var/log/httpd/EXAMPLE.access_log combined ErrorLog /var/log/httpd/EXAMPLE.error_log Redirect / https://ssl.example.com/ </VirtualHost> <VirtualHost 1.2.3.4:443> ServerName ssl.example.com DocumentRoot /var/www/html CustomLog /var/log/httpd/EXAMPLE.ssl_access_log combined ErrorLog /var/log/httpd/EXAMPLE.ssl_error_log SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite HIGH:MEDIUM . . . </VirtualHost> <Directory /var/www/html> #If all else fails, this will ensure nothing can get in without being encrypted. SSLRequireSSL </Directory> 就我个人而言,我最喜欢将所有80端口的stream量redirect到端口443:
<VirtualHost 1.2.3.4:80> ServerName SSL.EXAMPLE.COM ServerAlias SSL DocumentRoot /var/www/html CustomLog /var/log/httpd/EXAMPLE.access_log combined ErrorLog /var/log/httpd/EXAMPLE.error_log RewriteEngine on RewriteRule .* https://SSL.EXAMPLE.COM/ [NC,R,L] </VirtualHost> <VirtualHost 1.2.3.4:443> ServerName ssl.example.com DocumentRoot /var/www/html CustomLog /var/log/httpd/EXAMPLE.ssl_access_log combined ErrorLog /var/log/httpd/EXAMPLE.ssl_error_log SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite HIGH:MEDIUM . . . </VirtualHost>
RewriteCond%{SERVER_PORT} ^ 80 $
RewriteRule ^ /(。*)https://your.server.name/ $ 1 [R]