For automatic http->https redirection it is recommended to use Apache or Nginx in front of Payara to do the redirection, see [1].
I decided on using nginx for this2 3 4.
Before nginx, it looks like this:
$ curl -s -D - http://www.mrbear.org -o /dev/null
HTTP/1.1 200 OK
Server: Payara Server 5.184 #badassfish
X-Powered-By: Servlet/4.0 JSP/2.3 (Payara Server 5.184 #badassfish Java/Oracle Corporation/1.8)
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
HTTP/1.1 200 OK
Server: Payara Server 5.184 #badassfish
X-Powered-By: Servlet/4.0 JSP/2.3 (Payara Server 5.184 #badassfish Java/Oracle Corporation/1.8)
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Configuration is found in /etc/nginx/nginx.conf.
I changed it into something very simple:
server {
listen 80 default;
access_log off;
error_log off;
return 301 https://$server_name$request_uri;
}
listen 80 default;
access_log off;
error_log off;
return 301 https://$server_name$request_uri;
}
Double checking:
# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Enabling automatic start and also starting nginx.
# systemctl enable nginx
# systemctl start nginx
# systemctl start nginx
So, let's try seeing what the webserver now responds with:
$ curl -s -D - http://www.mrbear.org -o /dev/null
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.2
Date: Mon, 28 Jan 2019 16:28:59 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://www.mrbear.org/
$ curl -s -D - http://www.mrbear.org/this/is/some/url.jsf -o /dev/null
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.2
Date: Mon, 28 Jan 2019 16:31:06 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://www.mrbear.org/this/is/some/url.jsf
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.2
Date: Mon, 28 Jan 2019 16:28:59 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://www.mrbear.org/
$ curl -s -D - http://www.mrbear.org/this/is/some/url.jsf -o /dev/null
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.2
Date: Mon, 28 Jan 2019 16:31:06 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://www.mrbear.org/this/is/some/url.jsf
References
- [1] Payara - How to Secure Payara Server with Apache
- https://blog.payara.fish/how-to-secure-payara-server-with-apache
- [2] How To Nginx Redirect All HTTP Request To HTTPS Rewrite 301 Rules
- https://www.cyberciti.biz/faq/linux-unix-nginx-redirect-all-http-to-https/
- [3] How to do an Nginx redirect
- https://bjornjohansen.no/nginx-redirect
- [4] Creating NGINX Rewrite Rules
- https://www.nginx.com/blog/creating-nginx-rewrite-rules/
- DigitalOcean - How To Install Nginx on CentOS 7
- https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-centos-7
No comments:
Post a Comment