How to disable non-ssl connection on Apache 2.2
I am using Apache 2.2 on 12.04. I have activated ssl connection with a self-signed certificate which works fine, but now I'd like to disable any non-ssl connection.
I used a2dissite default but the server is still accessible on port 80 even after restarting the server.
Please help me on this.
I finally have it working:
In addition to disabling the default page with: a2dissite default, I edited /etc/apache2/ports.conf and commented the following lines:
NameVirtualHost *:80
Listen 80
A better idea is to keep "non-ssl connection" (http), but permanently redirected to your SSL Virtual Host (https). In this case the .conf file could look like:
<VirtualHost *:80>
ServerName www.example.com
ServerAdmin [email protected]
# Redirect Requests to SSL
Redirect permanent "/" "https://www.example.com/"
ErrorLog ${APACHE_LOG_DIR}/example.com.error.log
CustomLog ${APACHE_LOG_DIR}/example.com.access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName www.example.com
ServerAdmin [email protected]
DocumentRoot /var/www/html/www.example.com
ErrorLog ${APACHE_LOG_DIR}/example.com.error.log
CustomLog ${APACHE_LOG_DIR}/example.com.access.log combined
SSLEngine on
# other configuration directives...
</VirtualHost>
</IfModule>
Related topics:
- Changing default index page with .htaccess