How to re-direct site to always use HTTPS?


#1

Please help us by providing the following info. Before posting please also check the pinned "Known issues" threads and make sure that you're running the latest available version for your oC release: https://owncloud.org/changelog/

Steps to reproduce
1. Just visit the site
2.
3.

When visiting the site it is suppose to always re-direct to SSL.
It does not re-direct to HTTPS

Comes back with an error indicating to many redirects
Nothing

Server configuration
Operating system: CentOS 7
Web server: Apache
Database: Maria 10
PHP version: 7
ownCloud version (see ownCloud admin page): 9.1
Updated from an older ownCloud or fresh install: Fresh Install
ownCloud log (data/owncloud.log, see https://central.owncloud.org/t/how-to-find-webserver-or-oc-logfile-enable-php-logfile/808):

Special configuration (external storage, external authentication, reverse proxy, server-side-encryption):

When I research the web on how to force a site to always redirect to HTTPS it indicates you need to make modifications in the .htaccess file. I know with Owncloud if you touch that file at all things can go wrong real fast. Has anyone sucessfully added SSL to their site and used the .htaccess method with no problems?

Thanks


#2

Yes, many have used that method (including myself) without problems.


#3

Pazu, many users have done what to get it working? I thought I was not supposed to touch the .htaccess file or Owncloud would not work properly. I tried inputting

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

several times into the .htaaccess file, so there must be something "off" with my VPS. It runs good without trying to run without using HTTPS, so I'll keep at it and see what happens.


#4

For those of you using SSL for your domain and Owncloud where exactly did you add this line of code that needs to be intered into the .htaccess file? The current .htaccess has loads of data in it already so I'm a little weary and confused about where to enter this line.

Thanks


#5

At the bottom of the .htaccess file.


#6

I actually use a different method with my ownCloud setup.

In my vhosts file, I have:

<VirtualHost *:80>
    ServerName mydomain.org
    Redirect permanent / https://mydomain.org/
</VirtualHost>

Did you get it working ok? (With your .htaccess or otherwise?)

EDIT: This works with subdomains too. For example, I have a virtualhost section for mail.mydomain and cloud.mydomain and they all work perfectly.

Good luck!


#7

I'm using CentOS with Apache as well, and I actually have all the "Listen" entries commented out in my httpd.conf file. My VirtualHost line opening in httpd.conf is as follows:
<VirtualHost default:443>

That's not an italic default. For some reason, even with "code" specified, it's not letting me use underscores. So there should be a space after VirtualHost, then underscore default underscore:443

See here: http://serverfault.com/questions/567320/difference-between-default-and-in-virtualhost-context

All my SSL parameters follow that. ServerName, SSLEngine on, SSLProtocol, etc.

I also don't have a main .htaccess file. The conf.d/ssl.conf file has a Listen line as follows (with my server's IP in the x's:
Listen x.x.x.x:443 https

So I think probably that VirtualHosts default:443 is handling the redirect and nothing else really needs to be done? Seems cleaner this way and no need to redirect.