Force Bubba to use https

Got problems with your B2 or B3? Share and get helped!
Post Reply
RandomUsername
Posts: 904
Joined: 09 Oct 2009, 18:49

Force Bubba to use https

Post by RandomUsername » 10 Mar 2010, 09:34

Hi,

I'm trying to set by B2 to force the use of https in the web interface (specifically for using horde over the WAN).

I've followed numerous different tutorials involving .htaccess rules and editing /etc/apache2/httpd.conf but everything I try results in either no change at all (i.e. http requests are accepted and sent in the clear) or I get certificate errors.

I suspect it's because the B2 doesn't have a standard Apache config. Is that the case?

Does anyone know what to do?

Examples of sites I've looked at:
http://blackflag.wordpress.com/2006/06/ ... ic-to-ssl/
http://joseph.randomnetworks.com/archiv ... -htaccess/
http://www.cyberciti.biz/tips/howto-apa ... tions.html

Thanks.

Kiff
Posts: 48
Joined: 08 Feb 2010, 04:09
Location: Norway
Contact:

Re: Force Bubba to use https

Post by Kiff » 11 Mar 2010, 03:19

modrewrite should already be enabled, but use the command "a2enmod rewrite" to be sure.

Try setting the rewrite in /etc/apace2/apache2.conf, before the virtual host config is loaded (last line).

(I think this one looks the most tidy)

Code: Select all

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Test config and restart apache

Code: Select all

> apach2ctl configtest
> apache2ctl restart
Bubba|2 uses the "debian way" (in lack of a better description) of setting up apache :)

Also you might have to install a SSL certificate if you want to avoid browser error/warnings

RandomUsername
Posts: 904
Joined: 09 Oct 2009, 18:49

Re: Force Bubba to use https

Post by RandomUsername » 11 Mar 2010, 11:25

Thanks but I'm afraid that doesn't work. Browsing to my Bubba using either the local network name or my public domain name uses http unless I specify https.

RandomUsername
Posts: 904
Joined: 09 Oct 2009, 18:49

Re: Force Bubba to use https

Post by RandomUsername » 15 Mar 2010, 11:26

Giving this a bump.

HeSitated
Posts: 30
Joined: 26 Jun 2009, 12:36
Location: Ede, The Netherlands

Re: Force Bubba to use https

Post by HeSitated » 15 Mar 2010, 17:05

RandomUsername wrote:Giving this a bump.
Quoted from http://www.cyberciti.biz/tips/howto-apa ... tions.html

Force webmail login over SSL https session
So if you want force users to access their webmail through https, add following configuration to .htaccess file:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Make sure you have something as follows in httpd.conf (mod_rewrite support):
LoadModule rewrite_module modules/mod_rewrite.so

It worked for me... :)

RandomUsername
Posts: 904
Joined: 09 Oct 2009, 18:49

Re: Force Bubba to use https

Post by RandomUsername » 15 Mar 2010, 19:07

Hi,

Yeah I've followed the instructions on that site already - no joy. As you say it worked for you I will try again tomorrow and report results.

Thanks.

Darren.

asparak
Posts: 173
Joined: 08 Jun 2009, 07:38

Re: Force Bubba to use https

Post by asparak » 16 Mar 2010, 04:21

It is definitely possible. I always access my webserver and webmail over https. I just accept the locally generated cert 'error'.

I'll look up that error message we spoke about today and let you know anything i find.

Kiff
Posts: 48
Joined: 08 Feb 2010, 04:09
Location: Norway
Contact:

Re: Force Bubba to use https

Post by Kiff » 16 Mar 2010, 04:26

HeSitated wrote: Make sure you have something as follows in httpd.conf (mod_rewrite support):
LoadModule rewrite_module modules/mod_rewrite.so
The load line is available in /etc/apache2/mods-available
Using the command "a2enmod rewrite" should make a symlink from mods-available to mods-enabled. While the effect is the same as manually putting it in httpd.conf or apache2.conf, it's a bit neater and cleaner :)

You can check enabled modules with "apache2ctl -M"

Also, try to put the rewrite in the file /etc/apache2/sites-enabled/bubba. Put it inside the <VirtualHost *:80> part (not the *:443 part)

RandomUsername
Posts: 904
Joined: 09 Oct 2009, 18:49

Re: Force Bubba to use https

Post by RandomUsername » 16 Mar 2010, 04:42

None of these things are working. Maybe I'm not expecting the correct behaviour.

If I browse to http://mydomain.com/mail I want it redirected to https://mydomain.com/mail - right? :?

@Kiff,

Code: Select all

apache2ctl -M
shows I already have the rewrite_module enabled so nothing else to do there, correct?

@HeSitated, which .htaccess file did you put that in exactly?

Thanks for the continuing help everyone.


RandomUsername
Posts: 904
Joined: 09 Oct 2009, 18:49

Re: Force Bubba to use https

Post by RandomUsername » 16 Mar 2010, 05:38

That link's been mentioned a couple of times now. I'm outside my son's Playgroup at the moment, will try again when I get home. For clarification, what .htaccess file needs to be edited? Is it /use/share/horde3/imp4/.htaccess (recalling that path from memory).
Last edited by RandomUsername on 16 Mar 2010, 12:49, edited 1 time in total.

Kiff
Posts: 48
Joined: 08 Feb 2010, 04:09
Location: Norway
Contact:

Re: Force Bubba to use https

Post by Kiff » 16 Mar 2010, 08:55

We know that mod rewrite is loaded, but either the config is not read, or it doesn't work as it should.

.htaccess files are per directory configuration snippets, which means that they only work for that directory. If you are going to redirect all requests to https you have to set the rewrite rules to a more global location, like /etc/apache2/apache2.conf or /etc/apache2/sites-available/bubba

But first try this:
Edit the file /etc/apache2/conf.d/horde.conf
Change "AllowOverride Limit" to "AllowOverride All"
Restart apache

Also try placing (or copy) the .htaccess file in /use/share/horde3/ and see if it makes any difference.

HeSitated
Posts: 30
Joined: 26 Jun 2009, 12:36
Location: Ede, The Netherlands

Re: Force Bubba to use https

Post by HeSitated » 16 Mar 2010, 12:09

RandomUsername wrote:None of these things are working.
Strange as i've done nothingmore than the above.
Maybe I'm not expecting the correct behaviour.
If I browse to http://mydomain.com/mail I want it redirected to https://mydomain.com/mail - right? :?
Spot on.

Code: Select all

apache2ctl -M
shows I already have the rewrite_module enabled so nothing else to do there, correct?
I even looked at it, just put the line in httpd.conf 8)
which .htaccess file did you put that in exactly?
I tested it with the .htaccess file in the phpMyAdmin directory.

But maybe i was just lucky to get it the first time right... :D

RandomUsername
Posts: 904
Joined: 09 Oct 2009, 18:49

Re: Force Bubba to use https

Post by RandomUsername » 17 Mar 2010, 10:27

Kiff wrote:We know that mod rewrite is loaded, but either the config is not read, or it doesn't work as it should.

.htaccess files are per directory configuration snippets, which means that they only work for that directory. If you are going to redirect all requests to https you have to set the rewrite rules to a more global location, like /etc/apache2/apache2.conf or /etc/apache2/sites-available/bubba

But first try this:
Edit the file /etc/apache2/conf.d/horde.conf
Change "AllowOverride Limit" to "AllowOverride All"
Restart apache

Also try placing (or copy) the .htaccess file in /use/share/horde3/ and see if it makes any difference.
I've been away from the PC for a day, slept on it, came back and tried this and it worked first time :). I'm sure I've done nothing different to before but there you are. Thanks all for the help.

mcg
Posts: 36
Joined: 13 Nov 2009, 22:34

Re: Force Bubba to use https

Post by mcg » 19 Mar 2010, 11:02

Sleep cures many ills.

Post Reply