How to disable non-ssl connection on Apache 2.2
I am using Apache 2.2 on 12.04. I have activated ssl connection with a self-signed certificate which works fine, but now I'd like to disable any non-ssl connection.
I used a2dissite default but the server is still accessible on port 80 even after restarting the server.
Please help me on this.
apache2
edited Oct 5 '12 at 15:19
Peachy
4,91172843
asked Sep 6 '12 at 16:40
user87954
136114
add a comment |
I am using Apache 2.2 on 12.04. I have activated ssl connection with a self-signed certificate which works fine, but now I'd like to disable any non-ssl connection.
I used a2dissite default but the server is still accessible on port 80 even after restarting the server.
Please help me on this.
apache2
edited Oct 5 '12 at 15:19
Peachy
4,91172843
asked Sep 6 '12 at 16:40
user87954
136114
add a comment |
I am using Apache 2.2 on 12.04. I have activated ssl connection with a self-signed certificate which works fine, but now I'd like to disable any non-ssl connection.
I used a2dissite default but the server is still accessible on port 80 even after restarting the server.
Please help me on this.
apache2
edited Oct 5 '12 at 15:19
Peachy
4,91172843
asked Sep 6 '12 at 16:40
user87954
136114
I am using Apache 2.2 on 12.04. I have activated ssl connection with a self-signed certificate which works fine, but now I'd like to disable any non-ssl connection.
I used a2dissite default but the server is still accessible on port 80 even after restarting the server.
Please help me on this.
apache2
apache2
edited Oct 5 '12 at 15:19
Peachy
4,91172843
asked Sep 6 '12 at 16:40
user87954
136114
edited Oct 5 '12 at 15:19
Peachy
4,91172843
asked Sep 6 '12 at 16:40
user87954
136114
edited Oct 5 '12 at 15:19
Peachy
4,91172843
edited Oct 5 '12 at 15:19
Peachy
4,91172843
edited Oct 5 '12 at 15:19
Peachy
4,91172843
4,91172843
asked Sep 6 '12 at 16:40
user87954
136114
asked Sep 6 '12 at 16:40
user87954
136114
asked Sep 6 '12 at 16:40
user87954
136114
136114
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
I finally have it working:
In addition to disabling the default page with: a2dissite default, I edited /etc/apache2/ports.conf and commented the following lines:
NameVirtualHost *:80
Listen 80
answered Sep 7 '12 at 10:13
user87954
136114
add a comment |
A better idea is to keep "non-ssl connection" (http), but permanently redirected to your SSL Virtual Host (https). In this case the .conf file must looks like:
<VirtualHost *:80>
ServerName www.example.com
ServerAdmin admin@example.com
# Redirect Requests to SSL
Redirect permanent "/" "https://www.example.com/"
ErrorLog ${APACHE_LOG_DIR}/example.com.error.log
CustomLog ${APACHE_LOG_DIR}/example.com.access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName www.example.com
ServerAdmin admin@example.com
DocumentRoot /var/www/html/www.example.com
ErrorLog ${APACHE_LOG_DIR}/example.com.error.log
CustomLog ${APACHE_LOG_DIR}/example.com.access.log combined
SSLEngine on
# other configuration directives...
</VirtualHost>
</IfModule>
Related topics:
- Changing default index page with .htaccess
answered Jan 19 '17 at 17:45
pa4080
13.3k52561
May you elaborate why is a better idea to not disable HTTP? I'm investigating pros and cons of disabling port 80.
– Marco Marsala
Apr 11 at 7:39
4
@MarcoMarsala, in most cases, when HTTP (port 80) is disabled and you are type in the browserhttp://your.domain.com(or justyour.domain.com) you will receive "page not found" - unless you typehttps://your.domain.com...
– pa4080
Apr 11 at 7:51
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f184791%2fhow-to-disable-non-ssl-connection-on-apache-2-2%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
I finally have it working:
In addition to disabling the default page with: a2dissite default, I edited /etc/apache2/ports.conf and commented the following lines:
NameVirtualHost *:80
Listen 80
answered Sep 7 '12 at 10:13
user87954
136114
add a comment |
I finally have it working:
In addition to disabling the default page with: a2dissite default, I edited /etc/apache2/ports.conf and commented the following lines:
NameVirtualHost *:80
Listen 80
answered Sep 7 '12 at 10:13
user87954
136114
add a comment |
I finally have it working:
In addition to disabling the default page with: a2dissite default, I edited /etc/apache2/ports.conf and commented the following lines:
NameVirtualHost *:80
Listen 80
answered Sep 7 '12 at 10:13
user87954
136114
I finally have it working:
In addition to disabling the default page with: a2dissite default, I edited /etc/apache2/ports.conf and commented the following lines:
NameVirtualHost *:80
Listen 80
answered Sep 7 '12 at 10:13
user87954
136114
edited Sep 7 '12 at 10:17
user76204
answered Sep 7 '12 at 10:13
user87954
136114
answered Sep 7 '12 at 10:13
user87954
136114
answered Sep 7 '12 at 10:13
user87954
136114
136114
add a comment |
add a comment |
A better idea is to keep "non-ssl connection" (http), but permanently redirected to your SSL Virtual Host (https). In this case the .conf file must looks like:
<VirtualHost *:80>
ServerName www.example.com
ServerAdmin admin@example.com
# Redirect Requests to SSL
Redirect permanent "/" "https://www.example.com/"
ErrorLog ${APACHE_LOG_DIR}/example.com.error.log
CustomLog ${APACHE_LOG_DIR}/example.com.access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName www.example.com
ServerAdmin admin@example.com
DocumentRoot /var/www/html/www.example.com
ErrorLog ${APACHE_LOG_DIR}/example.com.error.log
CustomLog ${APACHE_LOG_DIR}/example.com.access.log combined
SSLEngine on
# other configuration directives...
</VirtualHost>
</IfModule>
Related topics:
- Changing default index page with .htaccess
answered Jan 19 '17 at 17:45
pa4080
13.3k52561
May you elaborate why is a better idea to not disable HTTP? I'm investigating pros and cons of disabling port 80.
– Marco Marsala
Apr 11 at 7:39
4
@MarcoMarsala, in most cases, when HTTP (port 80) is disabled and you are type in the browserhttp://your.domain.com(or justyour.domain.com) you will receive "page not found" - unless you typehttps://your.domain.com...
– pa4080
Apr 11 at 7:51
add a comment |
A better idea is to keep "non-ssl connection" (http), but permanently redirected to your SSL Virtual Host (https). In this case the .conf file must looks like:
<VirtualHost *:80>
ServerName www.example.com
ServerAdmin admin@example.com
# Redirect Requests to SSL
Redirect permanent "/" "https://www.example.com/"
ErrorLog ${APACHE_LOG_DIR}/example.com.error.log
CustomLog ${APACHE_LOG_DIR}/example.com.access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName www.example.com
ServerAdmin admin@example.com
DocumentRoot /var/www/html/www.example.com
ErrorLog ${APACHE_LOG_DIR}/example.com.error.log
CustomLog ${APACHE_LOG_DIR}/example.com.access.log combined
SSLEngine on
# other configuration directives...
</VirtualHost>
</IfModule>
Related topics:
- Changing default index page with .htaccess
answered Jan 19 '17 at 17:45
pa4080
13.3k52561
May you elaborate why is a better idea to not disable HTTP? I'm investigating pros and cons of disabling port 80.
– Marco Marsala
Apr 11 at 7:39
4
@MarcoMarsala, in most cases, when HTTP (port 80) is disabled and you are type in the browserhttp://your.domain.com(or justyour.domain.com) you will receive "page not found" - unless you typehttps://your.domain.com...
– pa4080
Apr 11 at 7:51
add a comment |
A better idea is to keep "non-ssl connection" (http), but permanently redirected to your SSL Virtual Host (https). In this case the .conf file must looks like:
<VirtualHost *:80>
ServerName www.example.com
ServerAdmin admin@example.com
# Redirect Requests to SSL
Redirect permanent "/" "https://www.example.com/"
ErrorLog ${APACHE_LOG_DIR}/example.com.error.log
CustomLog ${APACHE_LOG_DIR}/example.com.access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName www.example.com
ServerAdmin admin@example.com
DocumentRoot /var/www/html/www.example.com
ErrorLog ${APACHE_LOG_DIR}/example.com.error.log
CustomLog ${APACHE_LOG_DIR}/example.com.access.log combined
SSLEngine on
# other configuration directives...
</VirtualHost>
</IfModule>
Related topics:
- Changing default index page with .htaccess
answered Jan 19 '17 at 17:45
pa4080
13.3k52561
A better idea is to keep "non-ssl connection" (http), but permanently redirected to your SSL Virtual Host (https). In this case the .conf file must looks like:
<VirtualHost *:80>
ServerName www.example.com
ServerAdmin admin@example.com
# Redirect Requests to SSL
Redirect permanent "/" "https://www.example.com/"
ErrorLog ${APACHE_LOG_DIR}/example.com.error.log
CustomLog ${APACHE_LOG_DIR}/example.com.access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName www.example.com
ServerAdmin admin@example.com
DocumentRoot /var/www/html/www.example.com
ErrorLog ${APACHE_LOG_DIR}/example.com.error.log
CustomLog ${APACHE_LOG_DIR}/example.com.access.log combined
SSLEngine on
# other configuration directives...
</VirtualHost>
</IfModule>
Related topics:
- Changing default index page with .htaccess
answered Jan 19 '17 at 17:45
pa4080
13.3k52561
edited Dec 13 at 19:52
answered Jan 19 '17 at 17:45
pa4080
13.3k52561
answered Jan 19 '17 at 17:45
pa4080
13.3k52561
answered Jan 19 '17 at 17:45
pa4080
13.3k52561
13.3k52561
May you elaborate why is a better idea to not disable HTTP? I'm investigating pros and cons of disabling port 80.
– Marco Marsala
Apr 11 at 7:39
4
@MarcoMarsala, in most cases, when HTTP (port 80) is disabled and you are type in the browserhttp://your.domain.com(or justyour.domain.com) you will receive "page not found" - unless you typehttps://your.domain.com...
– pa4080
Apr 11 at 7:51
add a comment |
May you elaborate why is a better idea to not disable HTTP? I'm investigating pros and cons of disabling port 80.
– Marco Marsala
Apr 11 at 7:39
4
@MarcoMarsala, in most cases, when HTTP (port 80) is disabled and you are type in the browserhttp://your.domain.com(or justyour.domain.com) you will receive "page not found" - unless you typehttps://your.domain.com...
– pa4080
Apr 11 at 7:51
May you elaborate why is a better idea to not disable HTTP? I'm investigating pros and cons of disabling port 80.
– Marco Marsala
Apr 11 at 7:39
May you elaborate why is a better idea to not disable HTTP? I'm investigating pros and cons of disabling port 80.
– Marco Marsala
Apr 11 at 7:39
4
4
@MarcoMarsala, in most cases, when HTTP (port 80) is disabled and you are type in the browser
http://your.domain.com (or just your.domain.com) you will receive "page not found" - unless you type https://your.domain.com ...– pa4080
Apr 11 at 7:51
@MarcoMarsala, in most cases, when HTTP (port 80) is disabled and you are type in the browser
http://your.domain.com (or just your.domain.com) you will receive "page not found" - unless you type https://your.domain.com ...– pa4080
Apr 11 at 7:51
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f184791%2fhow-to-disable-non-ssl-connection-on-apache-2-2%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
