Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By jmilane on
Hello...
Is there a piece of code I can add to my .htaccess file or some file that will make it so any time a person tries to access a page on http://www.mydrupalsite.com they are brought to https://www.mydrupalsite.com??
And if there is, is this secure sockets? I am asking this because I was told to set up a wiki using secure sockets.
But also, they just want the site to be https where possible. I dont know what is gained by this, or if it is really any more secure for our purposes.
Thanks!!
Comments
Just change this line in
Just change this line in settings.php:
$base_url = 'http://www.example.com';
to
$base_url = 'https://www.example.com';
This will fix everything, but the first hit. (When your users forget to add the s to http.)
Try this to get redirect the users to a secure site for all pages (assuming you are using apache):
http://joseph.randomnetworks.com/archives/2004/07/22/redirect-to-ssl-usi...
White Paper Designs
really!
wow, is it that simple?
i thought we had to use secure pages module.
(and static ip address, plus apache has ssl enabled, plus certificate)
Setting up your webserver
Setting up your webserver and setting up drupal are not the same thing.
Above will get drupal to work with your secure webserver.
Secure Pages Module allows you to define some pages as secure and some as unsecure. You indicated you wanted all your pages secure.
Getting http://www.example.com and https://www.example.com setup is a different problem. Ask your server administrator or try apache.org.
White Paper Designs
That is all I wanted, but it
That is all I wanted, but it seems like everything works without further configuration. I just changed the base url to https://... and the site rocks secure. I am running Apache, so maybe there is no further configuration??
Thanks a lot!
https
wpd, thanks for explaining the distinctions so clearly and concisely.
I've been struggling with secure pages for quite a while so I must have forgotten the simple https option.
secure pages can break your site pretty badly if you don't have apache enabled for ssl first, so I was jotting down the quick list for people reading this thread
i believe some modules break with https, such as gallery, due to non-conformity with proper use of base url.