I’m teaching myself how to do web pages and web hosting on an inexpensive small scale for local artists.
I have an unlimited storage, unlimited bandwidth hosting account with Go Daddy.
I host 3 others at this point under my umbrella. I needed a better ssl certificate than the free one. The one I bought is good for me, the host, and 4 others.
With the help of a person at GoDaddy, I used their dashboard to redirect 3 sites to https. It didn’t work.
I would like anyone going to these 3 sites, no matter what they type to end up at, for instance, [noparse]https://www.mysite.com[/noparse] so that the blue bar shows up in the URL bar.
The other two have their own domain, but are located under mine. I use Dreamweaver CS5 so I edit the sites in separate directories but the edited code always ends up in their folders under mine.
I hope I’m making sense. Go Daddy said I have to figure it out myself more or less. Well, not all of them, but…
To try to help, I would organize the thing us speak into these areas:
Your web server needs to be configured with Multi-Site SSL certificate, that latter could be used on the sites that you need to be protected under SSL. While this does not have much to do with redirection, it is something that you will need to have.
Using DNS (Domain Name Service) you can perform redirects so if I ask for www.abc.com my request is queried at a DNS server and it says ‘Oh, I need to route this to www.efg.com’)
If you are using Apache as your web server, you can redirect to enforce use of HTTPS using mod_rewrite. You can find great information on one of our form member - DKLynn’s - site. Look for the section Enforce Secure Server. It would also be worth while spending some time on that same page to get yourself familiarized with mod_rewrite.
Thanks for taking the time to respond ServerStorm. I do have a multi-site SSL certificae issued by Go Daddy. (Standard Multiple Domain (UCC) SSL Up to 5 Domains ) I have read the various articles you speak of, especially Enforce Secure Server.
That’s what I meant by “I’ve read until nothing makes sense. Need help TO redirect sites to https”.
I will continue to try and understand it for as long as it takes. 12 days so far as I squeeze in quite a few other tasks. There is no store up yet because I haven’t got all the product information yet AND I’m learning the cart making business, both the easy and the hard.
Do you know if you can use .htaccess, most likely you can, so try this:[INDENT]1) In the root directory of each domain - i.e. /var/www/thisdomain/ - create a blank text file call .htaccess
2) In each .htaccess file you need to do the following but changing to the appropriate domain:[/INDENT]
RewriteEngine On
RewriteCond %{SERVER_PORT} 80 # Any request that goes to port 80 (http)
RewriteRule ^(.*)$ https://www.thisdomain.com/$1 [R,L] #Rewrite it to https
Do you really need to use https for all requests it creates more overhead in apache. Could you instead specify only the pages you need to have as https?
I hope this helps. I can’t be called close to a mod_rewrite expert, but I’ve been learning. This worked when I tested it.
I thought that was it. I’m gonna try something else about the way I did this. I get the following for all my hosted sites:
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Apache Server at www.slimdangdoo.com Port 443
@JC, Using hosting with GoDaddy is your first error. They are notorious for being a terrible host (albeit a good registrar). There are so many posts here complaining about GoDaddy that it’s surprising to find members still being aboused by them.
Hosting with unlimited anything is (a) a misnomer (because there is no such thing) and (b) an indication that you’re using shared hosting (and a shared IP Address - which cannot be used with a secure server certificate).
Secure server certificates are not cheap! Multi-domains are even more expensive. Of course, you bought from GD so they’re outside GD’s core business and likely not to do anything useful but allow you to use encryption. Personally, I “share” my own secure server certificate with clients as a cost-saving measure for them (both the cert and required IP Address are yearly charges) with the only downside that the URL for their using my cert includes my domain and their directory in the path to their secure file(s).
Now, it appears that you want the entire websites encrypted (in transmission): Why? That seems to be an abuse of the secure server as it’s normally reserved for handling sensitive information. For example, look at ZenCart’s parsing of links into secure and non-secure handling.
SS directed you to the mod_rewrite tutorial linked in my signature where I have mod_rewrite code to direct to https in a universal manner as well as selectively (which I recommend). Did you bother to read any of that?
An Internal Server Error is normally the sign that you’ve had a syntax error in your .htaccess file. Check that carefully and, if you can’t spot the error, comment out the entire file then uncomment a line at a time to discover the culprit.
Partial encryption says that you’ve included files which are not encrypted. To me, that says that you’re using absolute links within the scripts loaded which are http://yadda.yadda/unsecured. Have a look through your code for something like that.
You might benefit from reading the mod_rewrite tutorial linked in my signature as it contains explanations and sample code. It’s helped may members and should help you, too.
As I said, I’ve read/studied everything I could for the past 12 days and tried to comprehend it. I’m only now becoming aware that one “should” only secure the pages when needed for credit cards, etc.
Um. Go Daddy has been great so far, but what do I know. I shall continue to persevere. Again, I will continue to study. and RE-read various tutorials. Thanks for your time.