I’ve got Quickbox up and running with a custom domain and configured ssl using letsencrypt. HTTPS is working great. I can access apps from links such as https://my.domain.com/sonarr. However, links to apps still work over http and do not force/redirect to https. How can I force all apps to be redirected so that, for example, http://my.domain.com/sonarr redirects to https://my.domains.com/sonarr?
In your Sonarr apache config at /etc/apache2/sites-enabled/sonarr.conf could you add the following:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
So it will look as the following:
<Location /sonarr>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
ProxyPass http://localhost:8989/sonarr
ProxyPassReverse http://localhost:8989/sonarr
AuthType Digest
AuthName "rutorrent"
AuthUserFile '/etc/htpasswd'
Require user ${username}
</Location>
See if that works out the way you’d like. Otherwise, if you are using a free DNS such as Cloudflare, there is an option to force the rewrite on all links to https.
Worked like a charm! Thank you so much for your help!
1 Like
I have done the same for the Sonarr, but would it work for the Plex and Rutorrent as well? When I try to access Plex now under https, it refuses. Rutorrent goes to http when accesed directly.
I’m feeling like you’ve botched something on your system. For starters, ruTorrent by default with QuickBox goes by way of secured 443 or ssl. This is evident in your /etc/apache2/sites-enabled/aliases-seedbox.conf. There is additionally an .htaccess file in the /srv/rutorrent/ directory that handles the rewrites on the directory level. It has the following contents:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
This is handling the rewrite to https:
For Plex, you will more than likely need to setup a sub-domain for best practice. For instance; my-plex.domain.com. You can achieve this by using the following template. Replace the current plex.conf in your apache2/sites-enabled folder with this config… be sure to adjust accordingly.
ServerSignature Off
ServerTokens Prod
<VirtualHost *:80>
ServerName plex.domain.com
# This VirtualHost redirects everything to HTTPS on port 443.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<VirtualHost *:443>
ServerName plex.domain.com
ServerAlias ""
Options -Includes -ExecCGI
RewriteEngine On
RewriteCond %{THE_REQUEST} !HTTP/1.1$
RewriteRule .* - [F]
LimitRequestBody 512000
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/certs/plex.domain.com-ssl.pem
SSLCertificateKeyFile /etc/apache2/ssl/certs/plex.domain.com-ssl.key
SSLProtocol +TLSv1.2
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
Header always set X-Frame-Options DENY
FileETag None
TraceEnable off
#Header edit Set-Cookie ^(.*)$ ;HttpOnly;Secure
Header set X-XSS-Protection "1; mode=block"
Timeout 60
<Location /:/websockets/notifications>
ProxyPass wss://plex.domain.com:32400/:/websockets/notifications
ProxyPassReverse wss://plex.domain.com:32400/:/websockets/notifications
</Location>
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyRequests Off
ProxyPreserveHost On
SSLProxyEngine On
RequestHeader set Front-End-Https "On"
ProxyPass / http://plex.domain.com:32400/
ProxyPassReverse / http://plex.domain.com:32400/
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/web
RewriteCond %{HTTP:X-Plex-Device} ^$
RewriteCond %{REQUEST_METHOD} !^(OPTIONS)$
RewriteRule ^/$ /web/$1 [R,L]
</VirtualHost>
Make sure to install a certificate and adjust the SSLCertificate fields with the actual name of the ssl certificate. You can generate one for this subdomain by easily using box install letsencrypt
If you get a failed notice in regards to headers, do a2enmod headers to activate them, then restart apache with service apache2 restart
Also, please be courteous in the future and open a new topic. We’re lucky to reply to people commenting on solved topics.
2 Likes