Off topic slightly - Apache https redirect
Mike Dewhirst
Bob Kline
There seems to be a multitude of ways to redirect from http to https.
Any pointers to the absolutely correct way?
ServerName example.com
ServerAlias www.example.com
Redirect permanent / https://example.com/
</VirtualHost>
Mike Dewhirst
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/c8c8177d-49c0-45f7-b382-31855ccb6b0an%40googlegroups.com.
Antonis Christofides
Technically the correct way here is to include 'permanent'. This may help search engines do the correct thing.
But there is a problem. At least until a few years ago, the RFC mandated that permanent redirects be cachable forever, and browsers were doing this. Assuming this continues today, if for any reason you ever decide to undo this permanent redirect or point it elsewhere, or simply if you make an error while configuring apache, you are out of luck. In my opinion, this is an error in the RFC, and as someone had commented, it is silly to have a provision that lets you so easily give up control of a resource for ever.
Because of this, I always include this in my apache configuration (not in the host configuration but in the general configuration which applies to all hosts):
Header always set Cache-Control "no-store, no-cache,
must-revalidate" "expr=%{REQUEST_STATUS} == 301"
Header always set Expires "Thu, 01 Jan 1970 00:00:00 GMT"
"expr=%{REQUEST_STATUS} == 301"
Antonis Christofides +30-6979924665 (mobile)
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/62018eb3.1c69fb81.e0fe.0b9fSMTPIN_ADDED_MISSING%40gmr-mx.google.com.