https website access only

3 posts / 0 new
Topic locked
Last post
#1 Tue, 09/20/2016 - 11:48
edwardsmarkf

https website access only

hello -

i read where chrome is going to start "warning" people about using non-https websites in January (but seems to me i have read that one before).

is it recommended to somehow start blocking port 80 access to your website once it is secured? i did read to go into your httpd file and just redirect everything from "http" to "https", but would it be better to just shut down http access altogether?

sorry if this question has already been asked, but i was not even sure how to search this subject.

Wed, 09/21/2016 - 00:07
just_me

Well,

if you use the 301 (redirect) your clients won't be able to use http anymore. If you shut down http access altogether, i wonder how, perhaps like closing port 80 on the firewall, it would give a 404 if someone does NOT use https but http instead while accessing your site.

Since i think, it is not the way you want your site to work, 301 redirect is ok. I have a website being crosslinked quite often, and the links are all http:// not https:// i would close everyone out using one of the reference links to be found in google.

So 301 is perfect for me.

Best

Wed, 09/21/2016 - 13:17
unborn
unborn's picture

hi, just use htaccess to force permanent redirect all traffic from http to https by default. So if someone will try to use http it will force page in https..

Configuring/troubleshooting Debian servers is always great fun

Topic locked