VestaCP - Force HTTPS with Apache configuration templates

July 2016 ยท 2 minute read

After releasing my guide on how to automate SSL certification with VestaCP, I think it is equally useful knowledge about how to force browsers to use HTTPS.

I never liked the idea of using two different software setups to serve files, so I don’t use nginx but this guide can be applied to it with a bit of extra-googling.

In a nutshell, what we will be doing is taking advantage of Vesta’s simple templating system to modify the configuration files generated upon a website’s creation from the control panel.

Note: Before continuing, I strongly suggest you follow my guide on autonomating SSL here for Vesta here.

In the /usr/local/vesta/data/templates/ directory, you have every single template used by Vesta. This includes the default web pages, nginx and Apache configuration files. We are specifically interested in Apache hence we will go further down to web/apache2.

There we have roughly a dozen files, each responsible for their own site type. For each site type, there are 3 files. A *.stpl, a *.tpl and a *.sh. *.tpl is the default one, the one used under default circumstances. The *.stpl is the same thing except it is used for HTTPS. And finally *.sh is the one that puts it all together.

As let’s encrypt will handle SSL distribution, we don’t care about the *.stpl files and the *.sh files are simply irrelevant for this. We can cycle edit each one of them with nano *.tpl. Just aobe the closing </VirtualHost> line, add Redirect permanent / https://%domain_idn%/ which will create a permenant redirect to the https version of your site.

Now every new site you create, will have SSL enabled and have it forced without any additional configuration.