Force Bubba to use https

[RandomUsername]

Hi,

I'm trying to set by B2 to force the use of https in the web interface (specifically for using horde over the WAN).

I've followed numerous different tutorials involving .htaccess rules and editing /etc/apache2/httpd.conf but everything I try results in either no change at all (i.e. http requests are accepted and sent in the clear) or I get certificate errors.

I suspect it's because the B2 doesn't have a standard Apache config. Is that the case?

Does anyone know what to do?

Examples of sites I've looked at:
http://blackflag.wordpress.com/2006/06/ ... ic-to-ssl/
http://joseph.randomnetworks.com/archiv ... -htaccess/
http://www.cyberciti.biz/tips/howto-apa ... tions.html

Thanks.

[Kiff]

modrewrite should already be enabled, but use the command "a2enmod rewrite" to be sure.

Try setting the rewrite in /etc/apace2/apache2.conf, before the virtual host config is loaded (last line).

(I think this one looks the most tidy)

Code: Select all

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Test config and restart apache

Code: Select all

> apach2ctl configtest
> apache2ctl restart

Bubba|2 uses the "debian way" (in lack of a better description) of setting up apache

Also you might have to install a SSL certificate if you want to avoid browser error/warnings

[RandomUsername]

Thanks but I'm afraid that doesn't work. Browsing to my Bubba using either the local network name or my public domain name uses http unless I specify https.

[RandomUsername]

Giving this a bump.

[HeSitated]

Giving this a bump.

Quoted from http://www.cyberciti.biz/tips/howto-apa ... tions.html

Force webmail login over SSL https session
So if you want force users to access their webmail through https, add following configuration to .htaccess file:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Make sure you have something as follows in httpd.conf (mod_rewrite support):
LoadModule rewrite_module modules/mod_rewrite.so

It worked for me...

[RandomUsername]

Hi,

Yeah I've followed the instructions on that site already - no joy. As you say it worked for you I will try again tomorrow and report results.

Thanks.

Darren.

[asparak]

It is definitely possible. I always access my webserver and webmail over https. I just accept the locally generated cert 'error'.

I'll look up that error message we spoke about today and let you know anything i find.

[Kiff]

Make sure you have something as follows in httpd.conf (mod_rewrite support):
LoadModule rewrite_module modules/mod_rewrite.so

The load line is available in /etc/apache2/mods-available
Using the command "a2enmod rewrite" should make a symlink from mods-available to mods-enabled. While the effect is the same as manually putting it in httpd.conf or apache2.conf, it's a bit neater and cleaner

You can check enabled modules with "apache2ctl -M"

Also, try to put the rewrite in the file /etc/apache2/sites-enabled/bubba. Put it inside the <VirtualHost *:80> part (not the *:443 part)

[RandomUsername]

None of these things are working. Maybe I'm not expecting the correct behaviour.

If I browse to http://mydomain.com/mail I want it redirected to https://mydomain.com/mail - right?

@Kiff,

Code: Select all

apache2ctl -M

shows I already have the rewrite_module enabled so nothing else to do there, correct?

@HeSitated, which .htaccess file did you put that in exactly?

Thanks for the continuing help everyone.

[asparak]

http://www.cyberciti.biz/tips/howto-apa ... tions.html

[RandomUsername]

http://www.cyberciti.biz/tips/howto-apa ... tions.html

That link's been mentioned a couple of times now. I'm outside my son's Playgroup at the moment, will try again when I get home. For clarification, what .htaccess file needs to be edited? Is it /use/share/horde3/imp4/.htaccess (recalling that path from memory).

[Kiff]

We know that mod rewrite is loaded, but either the config is not read, or it doesn't work as it should.

.htaccess files are per directory configuration snippets, which means that they only work for that directory. If you are going to redirect all requests to https you have to set the rewrite rules to a more global location, like /etc/apache2/apache2.conf or /etc/apache2/sites-available/bubba

But first try this:
Edit the file /etc/apache2/conf.d/horde.conf
Change "AllowOverride Limit" to "AllowOverride All"
Restart apache

Also try placing (or copy) the .htaccess file in /use/share/horde3/ and see if it makes any difference.

[HeSitated]

None of these things are working.

Strange as i've done nothingmore than the above.

Maybe I'm not expecting the correct behaviour.
If I browse to http://mydomain.com/mail I want it redirected to https://mydomain.com/mail - right?

Spot on.

Code: Select all

apache2ctl -M

shows I already have the rewrite_module enabled so nothing else to do there, correct?

I even looked at it, just put the line in httpd.conf

which .htaccess file did you put that in exactly?

I tested it with the .htaccess file in the phpMyAdmin directory.

But maybe i was just lucky to get it the first time right...

[RandomUsername]

We know that mod rewrite is loaded, but either the config is not read, or it doesn't work as it should.

.htaccess files are per directory configuration snippets, which means that they only work for that directory. If you are going to redirect all requests to https you have to set the rewrite rules to a more global location, like /etc/apache2/apache2.conf or /etc/apache2/sites-available/bubba

But first try this:
Edit the file /etc/apache2/conf.d/horde.conf
Change "AllowOverride Limit" to "AllowOverride All"
Restart apache

Also try placing (or copy) the .htaccess file in /use/share/horde3/ and see if it makes any difference.

I've been away from the PC for a day, slept on it, came back and tried this and it worked first time . I'm sure I've done nothing different to before but there you are. Thanks all for the help.

[mcg]

Sleep cures many ills.