Reputation: 707
I have a home server that I want to only serve pages via https but I have run into some issues. I have been serving non-secure pages OK and could access the pages both on the local network and on the web (I'm using ddns.net and have all the port forwarding covered). I have test certificates properly installed and at the moment the redirects work fantastically on the local network but NOT from the web. Below are the two redirects I have tested - both work locally but both failed to serve secure pages from the web.
NOTE: I use a non-standard port, i.e. port 1080; however, as mentioned above, non-secure access is all OK so the port forwarding from my gateway router to the server is (at least I think!) fine. Also, I can only browse to the server when I concatenate the port number to the IP / name, i.e. localhost:1080 or 192.168.1.1:1080 (which is fine by me) and thus the redirect filters.
In this instance, I can access the pages both securely and insecurely from the local network but can NOT access securely from the web.
    $HTTP["scheme"] == "http" {
        $HTTP["host"] =~ "^(.*):1080" {
            url.redirect = (".*" => "https://%1$0")
        }
    }
    $SERVER["socket"] == ":443" {
        ssl.engine = "enable"
        ssl.pemfile = Var.Doo + "/server.pem"
        ssl.ca-file = Var.Doo + "/ca.pem"
        setenv.add-environment = ( "HTTPS" => "on" )
    }
After some web research, I added a condition to the redirects to be able to handle the non-port concatenated URL, however I can neither access the pages securely nor insecurely from the web (locally still works though).
    $HTTP["scheme"] == "http" {
        $HTTP["host"] =~ "^(.*):1080" {
            url.redirect = (".*" => "https://%1$0")
        }
        else $HTTP["host"] =~ ".*" {
            url.redirect = (".*" => "https://%0$0")
        }
    }
    $SERVER["socket"] == ":443" {
        ssl.engine = "enable"
        ssl.pemfile = Var.Doo + "/server.pem"
        ssl.ca-file = Var.Doo + "/ca.pem"
        setenv.add-environment = ( "HTTPS" => "on" )
    }
EDIT: OK, 20 views & counting and no suggestion of an answer yet ... I know I stated above that I believe the port forwarding is all good, but now I am having second thoughts on that. Any pointers either way?
Upvotes: 0
Views: 792
Reputation: 707
OK, I spent some more time looking at this and managed to resolve the issue, which was two-fold.
As latterly suspected, my initial assumption that the port forwarding was OK turned out to be incorrect as I had not forwarded the secure port (which lighttpd forcefully defaults to), i.e. port 443. Thus the first part of the solution was completing the port forwarding on my gateway router to include that route.
The second part of the solution is a textually minor change to the redirect code in the configuration file to filter on the ports rather than the protocol (the former code may also work but I have not tested it). Here's the changed and tested code:
    $SERVER["socket"] == ":443" {
        ssl.engine = "enable"
        ssl.pemfile = Var.Doo + "/server.pem"
        ssl.ca-file = Var.Doo + "/ca.pem"
        setenv.add-environment = ( "HTTPS" => "on" )
    }
    else $SERVER["socket"] == ":1080" {
        $HTTP["host"] =~ "([^:/]+)" {
            url.redirect = ( "^/(.*)" => "https://%1:443/$1" )
        }
    }
Upvotes: 1
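
An added example, not part of the original posts: a small Python model of how lighttpd fills `%n` from the host condition and `$n` from the `url.redirect` pattern, applied to the three rule sets above to show which port each redirect sends the browser to. The hostname `home.example`, the function names, and the assumption that the matched Host value still carries its port are assumptions of this example.

```python
import re
from urllib.parse import urlsplit

# (host condition regex, url.redirect regex, target) per rule, in config order,
# copied from the three configurations on this page.
RULES = {
    "first":  [(r"^(.*):1080", r".*", "https://%1$0")],
    "second": [(r"^(.*):1080", r".*", "https://%1$0"),
               (r".*", r".*", "https://%0$0")],        # the else branch
    "answer": [(r"([^:/]+)", r"^/(.*)", "https://%1:443/$1")],
}

def expand(target, host_m, url_m):
    """Fill %n from the host condition match and $n from the URL match."""
    def pick(m):
        src = host_m if m.group(1) == "%" else url_m
        return src.group(int(m.group(2))) or ""
    return re.sub(r"([%$])(\d)", pick, target)

def redirect(config, host, path):
    """Location sent for a plain-HTTP request on port 1080, or None.

    Assumption: `host` is the Host header value with the port still attached,
    which is what the page's own ':1080' patterns expect.
    """
    for host_re, url_re, target in RULES[config]:
        host_m = re.search(host_re, host)
        if host_m is None:
            continue                      # condition false: try the else branch
        url_m = re.search(url_re, path)
        return expand(target, host_m, url_m) if url_m else None
    return None

def port_needed(location):
    """TCP port the browser must reach to follow the redirect."""
    parts = urlsplit(location)
    return parts.port or {"http": 80, "https": 443}[parts.scheme]

if __name__ == "__main__":
    # Constructed requests: home.example stands in for the ddns.net name.
    for config in RULES:
        for host in ("home.example:1080", "home.example", "192.168.1.1:1080"):
            loc = redirect(config, host, "/index.html")
            print(config, host, "->", loc, "| forward port:",
                  port_needed(loc) if loc else "no redirect")
```

Every redirect these rules issue points the browser at port 443, so a router that forwards only 1080 delivers the redirect and then drops the HTTPS connection that follows.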