You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2013/02/10 05:39:14 UTC

[Bug 50823] Provide alternate failure modes for http on https

https://issues.apache.org/bugzilla/show_bug.cgi?id=50823

--- Comment #18 from Nick Peelman <ni...@peelman.us> ---
After having been directed here via an answer to my ServerFault question (link
below), I wanted to throw my hat in the ring that you should *at least* be able
to configure this to automatically redirect.  You can handle standard Port
80/443 redirects quite easily via mod_rewrite, but if you're hosting multiple
sites via various ports because you're limited on IP space, it is quite
confusing and annoying to end users (and the meticulous server admin who has to
deal with them) if/when you when they forget an "s" or are sent a link that
forgot the "s", and they have to deal with a very dumb (in both content and
purpose) error page.  Granted that's a much nicer behavior than simply dropping
the traffic.

I can *almost* understand the behavior for 80/443 connections.  Almost.  But
for outside of those ports, having the option to turn on auto-redirect which
would fire a 301 Permanent Redirect would be fantastic.

I'm told via the thread (link below) that 2.4 exhibits better behavior here,
but it still doesn't seem ideal.  Googling around for solutions to this
particular predicament, I'm far from the only person using Apache and SSL on
alternate ports, and there are quite a few people who were also struggling with
this very problem.

Ideally I suppose you'd have three (or four) options for this behavior: 

1) (Default) show an error message, like it does now, except do it properly,
send the right headers, handle it like a tradition
ErrorDocument-calling-status, etc.

2a) 301 redirect the traffic to https.  If there are concerns about the client
handling the traffic if its expecting http, then tell me why the current
solution (or just dropping the traffic altogether) is a better solution.

2b) Allow 301 redirection to a custom page (could implicitly encompass 2a)

3) Drop the traffic

ServerFault Thread:
http://serverfault.com/questions/477236/apache-insecure-request-sent-to-secure-port-want-to-redirect/477265#comment529069_477265

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org