Différences

Ci-dessous, les différences entre deux révisions de la page.

--- documentation:informatique:linux:apache:index [2019/01/22 13:15] – [⑤] f1sls
+++ documentation:informatique:linux:apache:index [2019/05/05 16:22] (Version actuelle) – f1sls
@@ Ligne 1: / Ligne 1: @@
 ====== Apache ======
+===== Sécurité =====
+  * https://bobcares.com/blog/apache-prevent-ddos/
 ===== SSL / https =====
@@ Ligne 55: / Ligne 58: @@
 To override the default number of days for which the certificate is valid, you can specify -days X, where X is some other number.
-Easier Alternative for STEP 2
+=== Easier Alternative for STEP 2 ===
 When the package ssl-cert is installed a self-signed certificate gets automatically created. The certificate is stored at
@@ Ligne 105: / Ligne 109: @@
 ====⑥====
+It is very important to tell the server to listen on port 443. That's why you need to add a line to ports.conf (/etc/apache2/ports.conf) file. After the modification your file should look something like this:
+<code lang="conf">
+Listen 443
+Listen 80
+</code>
 ====⑦====
+Now restart the apache server to apply the changes.
+<code lang="bash">
+$> /etc/init.d/apache2 restart
+</code>
+or
+<code lang="bash">
+$> service apache2 restart
+</code>
 ====⑧====
+Open your browser and type:
+<code>
+https://IP.ADDRESS.OF.SERVER
+</code>
+where "IP.ADDRESS.OF.SERVER" is, you guessed it, the IP address of the server. If you have physical access and are working directly on the server, this could be ''https://127.0.0.1''. The loop-back address should take you to the default apache page and display the Certificate prompt.
+===== Redirection http ➡ https =====
+[[https://www.tecmint.com/redirect-http-to-https-on-apache/|Source]]
+==== Redirect HTTP to HTTPS on Apache Using .htaccess File ====
+For this method, make sure mod_rewrite is enabled, otherwise enable it like this on Ubuntu/Debian systems.
+<code lang="bash">
+$ sudo a2enmod rewrite	[Ubuntu/Debian]
+</code>
+For CentOS/RHEL users, ensure that your have the following line in httpd.conf (mod_rewrite support – enabled by default).
+LoadModule rewrite_module modules/mod_rewrite.so
+Now you just need to edit or create .htaccess file in your domain root directory and add these lines to redirect http to https.
+<code>
+RewriteEngine On
+RewriteCond %{HTTPS}  !=on
+RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
+</code>
+Now, when a visitor types http://www.yourdomain.com the server will automatically redirect HTTP to HTTPS  https://www.yourdomain.com.
+==== Redirect HTTP to HTTPS on Apache Virtual Host ====
+Additionally, to force all web traffic to use HTTPS, you can also configure your virtual host file. Normally, there are two important sections of a virtual host configurations if an SSL certificate is enabled; the first contains configurations for the non-secure port 80.
+The second is for the secure port 443. To redirect HTTP to HTTPS for all the pages of your website, first open the appropriate virtual host file. Then modify it by adding the configuration below.
+<code>
+NameVirtualHost *:80
+<VirtualHost *:80>
+   ServerName www.yourdomain.com
+   Redirect / https://www.yourdomain.com
+</VirtualHost>
+</code>
+<code>
+<VirtualHost _default_:443>
+   ServerName www.yourdomain.com
+   DocumentRoot /usr/local/apache2/htdocs
+   SSLEngine On
+# etc...
+</VirtualHost>
+</code>
+Save and close the file, then restart the HTTP sever like this.
+<code lang="bash">
+$ sudo systemctl restart apache2     [Ubuntu/Debian]
+$ sudo systemctl restart httpd	     [RHEL/CentOS]
+</code>
+While the ''<VirtualHost>'' is the most recommended solution because it is simpler and safer.

Outils pour utilisateurs

Outils du site

Différences

Outils de la page