Best way to force SSL

Hello,

I’ve forced SSL on my server using the following directives:

<VirtualHost _default_:80>
  DocumentRoot "[Full path to install dir]"
  ServerName [url without protocol]    # added this line
  Redirect permanent / https://[url]/  # added this line
  ...

in the file at [install directory]/apache2/conf/bitnami/bitnami.conf

My questions: is this considered the best way to force SSL?
Will I need to add these changes to version control or is this file safe in DF updates?

Thanks!
Josiah

Hi!

Apache’s Wiki says you don’t even need DocumentRoot directive, if you want redirect all the traffic:

https://wiki.apache.org/httpd/RedirectSSL#line-2-1

Wbr,

Gunnar

I agree, but that’s in the file already so I left it in as a marker of where to put the code. :slight_smile: