How to disable the http (or https) version of website?

If you have set up an https website, you may want to disable the http version of the website. Or, you just want to keep the http version of website and disable its https version. Disabling the http(https) version of a website to keep only one version is vital to SEO because otherwise the SEO weight may be distributed among the two versions and the rank may be lowered. Sure you can use .htaccess to redirect http to https, or redirec https to http, but here we introduce a method by configuring the httpd.conf file. Suppose you have set up two websites: example1.com is an http site and example2.com is an https site, on your vps. The configuration would be as follows:

<virtualhost *:80>
ServerName example1.com

DocumentRoot …
</virtualhost >

<virtualhost *:443>
ServerName example2.com

DocumentRoot …

SSLEngine On
</virtualhost >

Now if you type https://example1.com in your browser, you will find you are opening example2.com actually. And if you  type http://example2.com, you are actually opening example1.com. The two results are not what you want. This is caused by the designed behavior of apache: if apache can not find a virtual host that matches both ip/port and ServerName, it will use the first ip/port matched virtual host. You may attempt to add a default virtual host before the two configured virtual hosts like:

<virtualhost *:*>
DocumentRoot …
</virtualhost >

But you will find the problem persists: https://example1.com 301 redirects to example2.com, and http://example2.com 301 redirects to example1.com. Why does the default virtual host not work? That is because ip-based virtual host matching algorithm is based on the most specific ip/port combination. So https://example1.com matches <virtualhost *:443> rather than <virtualhost *:*> and the default virtual host is not used. Similarly, http://example2.com matches <virtualhost *:80> and the default virtual host is not used, either. To enable the default virtual host to catch https://example1.com and http://example2.com , you should add two default virtual hosts:

<virtualhost *:80>
DocumentRoot …
</virtualhost >

<virtualhost *:443>
DocumentRoot …

SSLEngine On
</virtualhost >

You do not need to specify the ServerName in the default virtual hosts but you do need to add the SSLEngine On for the virtual host to catch the https version of websites otherwise the handshake cannot be accomplished.

After adding the two default virtual hosts, you will notice https://example1.com and http://example2.com go to the content specified in the DocumentRoot  of the virtual hosts. In practice, you can configure to forbid the access to that DocumentRoot as done by default in Sentora.

 

 

Posted in tips of hosting