Redirect port 443 (https) to IP using iptables

redirect web https firewall iptables

23,070

Use the following command:

iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT --to-destination 127.0.0.1:443

Then enable https for apache.

If you are using CentOS use this tutorial - http://wiki.centos.org/HowTos/Https

Good luck.

23,070

Author by

Software Developer

Updated on March 18, 2020

Carca over 4 years
I've tried for some hours to do this simple job, but it is not so simple like you think.

I wanted to redirect every request for 443 and 80 port to a webserver , in my example http://127.0.0.1:80

Port 80 worked without any problems, but 443 port tried me a lot of time...

I guess you've tried already to run the following command:
```
iptables -t nat -A OUTPUT -p tcp -m tcp --dport 443 -j DNAT --to-destination 127.0.0.1:80
```
But this is wrong, because the port 443 cannot be redirected to other ports than 443.
erikbstack about 7 years

I think DNAT should be in the PREROUTING chain, not the OUTPUT chain. See docs.
ivanleoncz over 6 years

If this solution worked 4 years ago, ok. But nowadays, it doesn't. Apart the incorrect CHAIN and the doc is not focused on this issue, HTTPS and HSTS which is used by facebook and other sites, are not so simple to circumvent.