I have found a seemingly infinite number of solutions to forcing SSL, but I'm trying to do it w/o mod_rewrite. One way is Redirect permanent / https://123.456.789.123 If I put this directly in my httpd.conf file, an infinite loop occurs. I think its pretty obvious why, but why are there so many examples of this? What am I doing wrong. Also, at one point I swear I had this working using redirectmatch RedirectMatch ^/(.*)?$ https://123.456.789.123:443 But the same problem happens. How have other people gotten this to work? Or if you have a better solution....just no mod_rewrite
Where in your httpd.conf are you putting it? If you add it into the VirtualHost section for port 80, it should work. You will need some sort of conditional that will only apply the redirect if its not already on https, otherwise as you say you'll get an infinite loop and for obvious reasons. You could do the conditional as a RewriteCond against the SERVER_PORT if you were to use mod_rewrite. Otherwise, you'll need to put the Redirect into a virtualhosts section with port 80 specified so that it only applies when not on https (port 443). E.g. in the <VirtualHost 123.45.67.89:80> or <VirtualHost domain.com:80> section
if your site is dynamic and not static HTML pages, you could just add something to the top of each page to redirect to the SSL site. I've done this a few times on shared hosting boxes with very limited control panels. Here's how you would do it in PHP. if($_SERVER["HTTPS"] != "on") { $newurl = "https://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]; header("Location: $newurl"); exit(); } Code (markup):