X-Pippes

Reputation: 1170

Redirect TLS 1.0 to a page from website using Apache

I have a website foo.com and I need to redirect all connections from browsers using TLS 1.0 to foo.com/specific-page. I checked the Apache documentation and I can disable the TLS protocol, but is there any way to force a redirect to a specific page using Apache configuration? In a first attempt I tried to do the redirect in the application using JavaScript, but since this is client side, it is not a real blocker of TLS 1.0. The second approach was on NetScaler, but since the page that I want to redirect to is on the same domain, the NetScaler can't block TLS 1.0 and redirect to a sub-page inside the same domain.

Upvotes: 1

Views: 1222

Answers (1)

evilSnobu

Reputation: 26414

See this gist: https://gist.github.com/SamuelChristie/13a2a29e74c189bcfd9b#apache

Apache's mod_ssl offers environmental variables which can provide details related to the current SSL/TLS connection. Adding the following lines to your conf file (be sure you are using mod_headers) will inject two new headers into the incoming request. You can then use X-SSL-Protocol in your Perl, PHP, Python, etc. to assess whether or not a warning should be displayed.

SSLOptions +StdEnvVars
RequestHeader set X-SSL-Protocol %{SSL_PROTOCOL}s
RequestHeader set X-SSL-Cipher %{SSL_CIPHER}s

Sample PHP to read the TLS version (as with Rails, PHP/CGI also changes the header name):

$tlsversion = $_SERVER["HTTP_X_SSL_PROTOCOL"];

Even simpler with nginx:

if ($ssl_protocol != "TLSv1.2") {
    return 302 https://example.com/outdated-tls.html;
}

Upvotes: 1
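
The redirect can also be done in Apache itself, since mod_rewrite can read mod_ssl's SSL_PROTOCOL variable directly. The following is an added example, not part of the original answer or the linked gist. It assumes mod_ssl and mod_rewrite are loaded, uses /specific-page from the question as the target, and uses placeholder certificate paths.

```apache
<VirtualHost *:443>
    ServerName foo.com

    SSLEngine on
    # Placeholder paths, replace with the site's real certificate and key.
    SSLCertificateFile    /path/to/foo.com.crt
    SSLCertificateKeyFile /path/to/foo.com.key

    # TLS 1.0 has to stay enabled here. If it is disabled, the handshake
    # fails before any HTTP response (including a redirect) can be sent.
    SSLProtocol all -SSLv3

    RewriteEngine On

    # mod_ssl reports TLS 1.0 as exactly "TLSv1"; the anchors keep
    # "TLSv1.1", "TLSv1.2" and "TLSv1.3" from matching.
    RewriteCond %{SSL:SSL_PROTOCOL} ^TLSv1$
    # Do not redirect the target page itself, or TLS 1.0 clients loop.
    RewriteCond %{REQUEST_URI} !^/specific-page
    # Temporary redirect so browsers do not cache it after they upgrade.
    RewriteRule ^ /specific-page [R=302,L]
</VirtualHost>
```

Any CSS, images or scripts that /specific-page loads from the same host need their own exclusion conditions, otherwise TLS 1.0 clients are redirected when fetching them too.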
