17 Jun 2008, 12:54

Apache: Force all Visitors to use HTTPS


When using Apache with SSL you may want to force all Visitors to use HTTPS instead of HTTP.

After configuring Apache for SSL you can achieve this by using this VirtualHost definition:

<VirtualHost <your-ip>:80>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^<strong>(</strong>.*<strong>)</strong> https://%{SERVER_NAME}/$1 [R,L]

You should have the SSL-enabled VirtualHost running on the same IP.