Should DirectAdmin use mod_alias for simple redirection from http to https?

[Kal]

The 'Force SSL with https redirect' option currently creates a mod_rewrite rule in the user's VirtualHost directive for port 80. According to the Apache document, When not to use mod_rewrite, this isn't best practice. They recommend a simple Redirect using mod_alias. So instead of all this:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Now you just have this:

Redirect permanent / https://www.example.com/

It's certainly simpler and easier to understand. It's probably faster too.

I know it doesn't really matter—it works either way. But I'm just curious why DirectAdmin does it this way. For instance, why do you need `RewriteCond %{HTTPS} !=on` when you already know it's port 80?

 

[smtalk]

I know it doesn't really matter—it works either way. But I'm just curious why DirectAdmin does it this way. For instance, why do you need `RewriteCond %{HTTPS} !=on` when you already know it's port 80?

I'd say it matters, and the main reason behind this is mentioned in your post. You'd get into redirect loop without:

RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC]

If the question is "when" - whenever you use any proxying with SSL termination. Even if it's cloudflare With Redirect permanent / - it'd always try to redirect you to https and it'd never get there.

 

[Kal]

Cheers Martynas. Thanks for explaining.