How do I redirect all HTTP requests to HTTPS when ISP blocks port 80?


Well, it turns out that it is possible. Using CloudFlare's CDN, you can do an automatic HTTPS redirect at the network level using the "Always Use HTTPS" feature, shown here.

Cloudflare HTTPS Rewrite

This happens even before the request reaches your server, and is available for the free tier. You can also turn on HSTS if you want to avoid rewriting every time.


Author: BoomBoomPowe

Updated on September 18, 2022
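
An added example (not part of the original answer and not Cloudflare's tooling): a small Python check over a recorded redirect chain that confirms every hop before the last redirects to an HTTPS target and that the final HTTPS response carries an HSTS policy. The sample hops and the 180-day `MIN_MAX_AGE` threshold are constructed assumptions.

```python
from urllib.parse import urlsplit

MIN_MAX_AGE = 15552000  # assumed threshold (180 days); choose your own policy


def parse_hsts(value):
    """Parse a Strict-Transport-Security value into its directives (RFC 6797)."""
    policy = {"max_age": None, "include_subdomains": False}
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        name = name.strip().lower()
        arg = arg.strip().strip('"')
        if name == "max-age" and arg.isdigit():
            policy["max_age"] = int(arg)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
    return policy


def audit_chain(chain):
    """chain: ordered (url, status, headers) hops as a client observed them."""
    findings = []
    for url, status, headers in chain[:-1]:
        location = {k.lower(): v for k, v in headers.items()}.get("location", "")
        if status not in (301, 302, 307, 308):
            findings.append(f"{url}: expected a redirect, got {status}")
        elif urlsplit(location).scheme != "https":
            findings.append(f"{url}: redirects to non-HTTPS target {location!r}")
    final_url, _, final_headers = chain[-1]
    hsts = {k.lower(): v for k, v in final_headers.items()}.get("strict-transport-security")
    if urlsplit(final_url).scheme != "https":
        findings.append(f"{final_url}: chain ends on plaintext HTTP")
    elif hsts is None:
        findings.append(f"{final_url}: no HSTS header on the final response")
    elif (parse_hsts(hsts)["max_age"] or 0) < MIN_MAX_AGE:
        findings.append(f"{final_url}: HSTS max-age below {MIN_MAX_AGE}")
    return findings


# Constructed sample hops (not captured from a real site).
GOOD = [
    ("http://example.com/", 301, {"Location": "https://example.com/"}),
    ("https://example.com/", 301, {"Location": "https://www.example.com/"}),
    ("https://www.example.com/", 200,
     {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"}),
]
BAD = [
    ("http://example.com/", 302, {"Location": "http://www.example.com/"}),
    ("http://www.example.com/", 200, {"Strict-Transport-Security": "max-age=300"}),
]
```

An HSTS header delivered over plain HTTP is ignored by browsers, which is why `BAD` is reported as ending on plaintext rather than as having a short `max-age`.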

Comments

  • BoomBoomPowe
    BoomBoomPowe over 1 year

    I am running an HTTPS web server at home but it has one key flaw: you can't connect to it using port 80. My ISP (Cox) blocked (incoming) port 80, there is nothing I can do about it, but luckily for me they did not block port 443. So, I have opted to use a pure HTTPS server, but this is not quite working, since I have a few things I want to redirect to my (HTTPS) server:

    http://www.example.com/ redirects to https://www.example.com/

    http://example.com/ redirects to https://www.example.com/

    https://example.com/ redirects to https://www.example.com/

    And finally, the roadblock: https://www.example.com/ points to (CNAME) powe.ddns.net, which is my dynamic DNS. I tried, but I cannot mix URL and CNAME records or make a CNAME only point towards a single port on an IP.

    So far I have made all the redirects go to https://ww2.example.com/ and have that point at my home server, but with this I cannot make https://www.example.com/ redirect to https://ww2.example.com/ because I cannot do HTTPS to HTTPS redirects.

    All the solutions I have found thus far rely on port 80 being open, which I cannot do. So, what can I do? Possible solutions include HTTPS to HTTPS redirects, port specific DNS, and from-HTTPS URL forwarding (I have only found HTTP to HTTP or HTTP to HTTPS URL forwarding). Thank you!

    • Larssend
      Larssend almost 7 years
      The kind of response expected by applications when connecting to an HTTP server is very different from the kind of response given by an HTTPS server. Thus, simply redirecting HTTP requests to HTTPS via port redirection is never going to work. My recommendation is to rent a cheap VPS so you can host your Web contents properly without having to resort to hacks. If you don't want to go this route, you will have to tell your potential visitors to access your Web server via HTTPS. Their Web browsers will then automatically send the requests via port 443 by default.
    • BoomBoomPowe
      BoomBoomPowe almost 7 years
      Yeah, I noticed that when using HSTS it forces https://*** which is great for me! What I wanted to do is have people who visit the site go to port 80 and be redirected to the https:// version of the site. I know a reverse proxy can do what DNS does just with ports instead of IP addresses, so it would work, but I don't know of any "reverse proxy providers."
  • BoomBoomPowe
    BoomBoomPowe almost 7 years
    This is what I used to use, however I do not want to use a URL redirect since that changes the URL to something other than what it was to start with. Either way, it forces the URL to change to something other than what it was to start with, which is unwanted. I already use freedns.afraid.org for DNS which is how I got the setup I have now, but it is annoying to have the URL change every time you access the site. Is it possible to avoid this?
  • BoomBoomPowe
    BoomBoomPowe almost 7 years
    I tried doing this but apparently using a URL record and an A or AAAA record in conjunction is impossible. The problem here is that when I create a URL record, it forwards all the traffic to a dummy web server that sends an HTTP 301. This means that it essentially points to another IP address and server, so unless it is possible to send some ports to one server and some to another using DNS, this isn't an option.
  • BoomBoomPowe
    BoomBoomPowe almost 7 years
    By the way, I have SSL certificates under control and know when I need a new certificate. I already use Let's Encrypt, but I haven't heard of ZeroSSL: do they offer wildcard certificates?
  • Anaksunaman
    Anaksunaman almost 7 years
    About ZeroSSL, no unfortunately they don't. They simply act as an interface to Let's Encrypt's servers and Let's Encrypt apparently doesn't plan to issue wild card certificates until sometime in 2018.
  • BoomBoomPowe
    BoomBoomPowe almost 7 years
    A URL change is not a big deal as long as it is not a very large change: however, I have tried to do this in the past, before I'd use this: http://example.com --> https://ww2.example.com, http://www.example.com --> https://ww2.example.com, ww2.example.com [A RECORD] my_ip_address_here, but if you type http://ww2.example.com it doesn't work. Every time I find a solution another hole opens up!
  • BoomBoomPowe
    BoomBoomPowe almost 7 years
    Well that stinks. It might be possible to use a reverse proxy that doesn't have port 80 blocked, but I don't think that it will be that big of a deal. Thanks anyways!
  • Anaksunaman
    Anaksunaman almost 7 years
    No problem. Good luck. =)
  • Anaksunaman
    Anaksunaman over 6 years
    Glad to hear you got it working. I haven't used CloudFlare but it makes sense as a CDN they could possibly do this. Good to know!
  • BoomBoomPowe
    BoomBoomPowe over 6 years
    You can also do a rewrite from http://www.example.net/page_here to http://www.example.net:8080/page_here if you want, but either way, it is pretty useful!
  • Josh
    Josh over 6 years
    What are the odds they can do this in reverse? My ISP is blocking port 443, not 80.