禁用SSL / HTTPS重定向的Apache2 [英] Disable ssl/https redirection apache2

问题描述

我最近启用了SSL中的Apache2，一切都进行得很顺利，但现在每次我尝试访问 http://example.com/ 我重定向到 https://example.com/

I recently enabled ssl in apache2 and everything was going well, but now everytime I try to access http://example.com/ I get redirected to https://example.com/

我检查了我的default.conf，apache2.conf一些方向，但没有发现任何。

I checked my default.conf, apache2.conf for some directions but didn't find any.

<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName example.de
DocumentRoot /var/www
<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>
<Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride all
    Order allow,deny
    allow from all
</Directory>

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
    AllowOverride None
    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
    Order allow,deny
    Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined

＆LT; /虚拟主机＆GT; ＆LT;虚拟主机*：443＆GT; 的DocumentRoot的/ var / WWW 服务器名example.com 的SSLEngine上 了SSLCertificateFile /root/server.crt 了SSLCertificateKeyFile /root/server.key ＆LT; /虚拟主机＆GT;

</VirtualHost> <VirtualHost *:443> DocumentRoot /var/www ServerName example.com SSLEngine on SSLCertificateFile /root/server.crt SSLCertificateKeyFile /root/server.key </VirtualHost>

我也双重检查的.htaccess文件中的所有directorys。 有没有办法从那里或什么是重定向查找？ 是否有任何其他的方式来重定向所有的HTTP请求到https？

I also double checked the .htaccess files in all directorys. Is there a way to look up from where or what is redirecting? Are any other ways to redirect ALL http requests to https?

推荐答案

打开Chrome开发人员工具，转到网络选项卡，单击preserve日志，并加载你的网站通过HTTP。

Open Chrome Developer Tools, go to the network tab, click on preserve log, and load your site over http.

如果你看到一个301或302重定向到HTTPS，然后东西在服务器上，告诉你的浏览器访问https。

If you see a 301 or 302 redirect to https then something on the server is telling your browser to go to https.

如果你看到一个307重定向到陀螺仪那么该网站有，或曾有过，严格，运输和安全（又名HSTS）头在其上设置强制HTTPS和浏览器缓存了该政策。这是一项安全功能的Web服务器可以使用强制HTTPS。检查头回看到，如果是这样的情况下，HTTP，如果没有这样的头被发送比你可以查看和使用此页到你的地址栏中清除旧政策：镀铬：//网内部/＃HSTS

If you see a 307 redirect to gyros then the site has, or had, a Strict-Transport-Security (aka HSTS) header set on it to force https and Chrome has cached that policy. This is a security feature web servers can use to enforce https. Check the HTTP Headers returned to see if that's the case and, if no such header is being sent than you can view and clear an old policy by using this page into your address bar: chrome://net-internals/#hsts

这篇关于禁用SSL / HTTPS重定向的Apache2的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！