|
Problem(Abstract) |
The rewrite module (mod_rewrite.c) provided with the IBM®
HTTP Server can be used as an effective way to automatically rewrite all
HTTP requests to HTTPS. |
|
|
|
Resolving the
problem |
Notes:
- The Web server and WebSphere® plug-in must already be configured to
handle HTTPS requests successfully before attempting to implement the
following suggestions. If they are not, first configure the Web server and
WebSphere plug-in for HTTPS, then confirm SSL is working before you
proceed. Also, if you are running the IBM HTTP Server on a UNIX® platform,
the rewrite module must be uncommented in the httpd.conf file.
- Always backup the following files before making changes:
- httpd.conf
- plugin-cfg.xml
- vhosts.properties
For releases of IBM HTTP Server V1.3.12, 1.3.19, 1.3.26, 1.3.28:
LoadModule rewrite_module
libexec/mod_rewrite.so
AddModule mod_rewrite.c |
|
For releases of IBM HTTP Server V2.0.42 and 2.0.47:
LoadModule rewrite_module
modules/mod_rewrite.so |
|
The rewrite module (mod_rewrite.c) can be used as an effective way to
automatically rewrite all HTTP (port 80) requests to HTTPS (port 443).
This provides an effective way to ensure that all traffic to and from the
IBM HTTP Server is encrypted over the Secure Sockets Layer (SSL) without
having to use individual redirects or hard-coded HTTPS links.
- Add the following to the global scope or any port 80 VirtualHost
stanzas defined within the httpd.conf configuration file.
RewriteEngine on
RewriteCond %{SERVER_PORT} =80
RewriteRule ^(.*)
https:// %{SERVER_NAME}%{REQUEST_URI} |
|
- If you use the WebSphere plug-in, remove any port 80 VirtualHost
attribute in the WebSphere plug-in configuration file. By doing so, any
matching URI on port 80 is rejected by the plug-in and handled by the Web
server's default-handler. At this point the RewriteEngine is able to
rewrite the URL to HTTPS and is handled by the WebSphere plug-in's port
443 VirtualHost attribute associated with the requested URL.
Examples: (Port 80 VirtualHost attributes)
- WebSphere Application Server V4 and V5:
plugin-cfg.xml
<VirtualHostGroup
Name="default_host">
<VirtualHost Name="*:80"/>
</VirtualHostGroup> |
|
- WebSphere Application Server V3.5:
vhosts.properties
123.45.67.89=default_host
www.sitename.com=default_host
127.0.0.1\:80=default_host |
|
- Recycle both the IBM HTTP Server and WebSphere Application Server
after making the preceding changes.
|
|
|
|