From 26e797e8fd4117747ec1bf1246286fa6f6f402c6 Mon Sep 17 00:00:00 2001 From: Ian Kelling Date: Fri, 13 Jan 2023 17:50:25 -0500 Subject: [PATCH] document alternate redirect scheme --- web-conf | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/web-conf b/web-conf index 3373e26..977c8cf 100755 --- a/web-conf +++ b/web-conf @@ -243,6 +243,19 @@ EOF if (( port == 443 )); then echo "$0: creating $redir_file" + + # note, alternatively: + cat >/dev/null <<'EOF' +#https://webmasters.stackexchange.com/questions/124635/apache-redirect-http-to-https-without-preventing-http + +Redirect permanent "/" "https://mydomain.ltd/" + +# or, with generic rewrite, we use this on gnu.org +RewriteEngine on +RewriteCond %{HTTP:Upgrade-Insecure-Requests} "^1$" +RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=307] +EOF + cat >$redir_file < ServerName $h @@ -271,7 +284,7 @@ EOF # manually, Certbot will be unable to automatically provide future security # updates. Instead, Certbot will print and log an error message with a path to # the up-to-date file that you will need to refer to when manually updating -# this file. +# this file. Contents are based on https://ssl-config.mozilla.org SSLEngine on -- 2.30.2