Apache won't redirect HTTP to HTTPS

When I enter my website's non-SSL URL "cms00.example.com" into my browser, it won't redirect to https://cms00.example.com. If I enter the HTTP address, I can see the site and if I enter the HTTPS address, I can see the site. I just can't get the redirect from http to https to work. I've read numerous articles on how to do this and tried all the suggestions but my configuration still isn't working. I'm running Apache 2.4.10 on Debian 8, and this is my first time working with Apache.

I've run these two commands and verifed that the rewrite and ssl modules have been loaded:

    sudo a2emod rewrite   # <- already enabled
    sudo a2emod ssl       # <- already enabled

I haven't made any modifications to /etc/apache2/apache2.conf and I haven't created any additional .htaccess files.

Here is my website configuration file:

# /etc/apache2/sites-available/vhosts.conf
    DirectoryIndex index.php index.html

     <virtualhost *:80="">ServerName cms00.example.com
      DocumentRoot "/var/www/html"
      Redirect permanent / https://cms00.example.com</virtualhost> 

     <virtualhost *:443="">ServerName cms00.example.com
      DocumentRoot "/var/www/html"

      SSLEngine on
      SSLCipherSuite AES256+EECDH:AES256+EDH
      SSLProtocol All -SSLv2 -SSLv3
      SSLHonorCipherOrder On
      SSLCompression off
      SSLCertificateFile /etc/apache2/ssl/example.com.crt
      SSLCertificateKeyFile /etc/apache2/ssl/private/example.com.key

      <directory "="" var="" www="" html"="">AllowOverride All
        Options -Indexes +FollowSymLinks
        Require all granted</directory> 
      RewriteCond %{HTTP_HOST} !^www\. [NC]
      RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]</virtualhost> 

Here's my Apache config file:

# /etc/apache2/apache2.conf
    Mutex file:${APACHE_LOCK_DIR} default
    PidFile ${APACHE_PID_FILE}
    Timeout 300
    KeepAlive On
    MaxKeepAliveRequests 100
    KeepAliveTimeout 5
    User ${APACHE_RUN_USER}
    Group ${APACHE_RUN_GROUP}
    HostnameLookups Off
    ErrorLog ${APACHE_LOG_DIR}/error.log
    LogLevel warn
    IncludeOptional mods-enabled/*.load
    IncludeOptional mods-enabled/*.conf
    Include ports.conf
     <directory>Options FollowSymLinks
        AllowOverride None
        Require all denied</directory> 

     <directory usr="" share="">AllowOverride None
        Require all granted</directory> 

     <directory var="" www="">Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted</directory> 
    AccessFileName .htaccess
     <filesmatch "^\.ht"="">Require all denied</filesmatch> 
    LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
    LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %O" common
    LogFormat "%{Referer}i -> %U" referer
    LogFormat "%{User-agent}i" agent
    IncludeOptional conf-enabled/*.conf
    IncludeOptional sites-enabled/*.conf
    # vim: syntax=apache ts=4 sw=4 sts=4 sr noet

2 Replies

When Apache is unable to match the request to one of the vhosts it will match it to the default vhost, which is the first vhost loaded from configuration. By removing the default vhost, you simply made your first vhost the default.

I've solved the problem. Here's what's going on. /etc/apache2/apache2.conf includes a call to any config files that have symlinks in /etc/apache2/sites-enabled. Since there was a symlink in that directing pointing to /etc/apache2/sites-available/000-default.conf, that config file was being loaded and it was over-riding the blocks and directives in my vhosts.conf file. Once I deleted that symlink, my vhosts.conf settings were able to take effect.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct