How to Redirect HTTP to HTTPS Using Free WAF

How to Redirect HTTP to HTTPS Using Free WAF


SafeLine WAF Installation Reference: SafeLine WAF Installation

Prerequisites:

  • An SSL certificate (e.g., a .crt file and a .key file).



Configuration Overview

In this guide, I’ll walk you through configuring HTTP to HTTPS redirection for your web application when using SafeLine WAF. My web application and WAF are hosted on the same server, so I’ll show you how to avoid port conflicts and set up redirection correctly.



1. Modify Your Application’s Nginx Port

Since both the WAF and your web application are on the same server, you’ll need to change the port that your application’s Nginx server listens on to avoid conflicts. The default ports 80 (HTTP) and 443 (HTTPS) should be used by SafeLine WAF, so your application needs to use a different port, such as 8000.

To identify available ports on your server, you can use the following command:

netstat -an | grep LISTEN | grep -v unix
Enter fullscreen mode

Exit fullscreen mode

Then, update your Nginx configuration to listen on the new port:

  • Modify the Nginx configuration file to change the listening port from 80 to your chosen port (e.g., 8000).
  • Reload the Nginx configuration to apply the changes:
nginx -t 
nginx -s reload
Enter fullscreen mode

Exit fullscreen mode



2. Add Protection Sites in SafeLine WAF

Next, you’ll add both HTTP and HTTPS sites in SafeLine WAF.

For HTTP:

Image description

  • Port: 80
  • Upstream Server: 127.0.0.1:8000 (This should point to your web application. Modify it according to your setup.)

For HTTPS:

Image description

  • Port: 443
  • Enable SSL and upload your SSL certificate files.
  • The upstream server should be the same as the one used for the HTTP site.

After configuring, submit the changes.



3. Modify SafeLine WAF’s Nginx Forwarding Configuration

To enable HTTP to HTTPS redirection, you need to modify SafeLine WAF’s default Nginx proxy configuration, typically found at:

/data/safeline/resources/nginx/sites-enabled
Enter fullscreen mode

Exit fullscreen mode

In the configuration file for port 80, add the following line to redirect HTTP traffic to HTTPS:

rewrite ^(.*)$ https://$host$1 permanent;
Enter fullscreen mode

Exit fullscreen mode

Image description

Finally, reload the SafeLine Nginx configuration to apply these changes:

docker exec -it safeline-tengine /usr/sbin/nginx -t  # Test the configuration
docker exec -it safeline-tengine /usr/sbin/nginx -s reload  # Reload the configuration
Enter fullscreen mode

Exit fullscreen mode



4. Test in Your Browser

Now, visit http://your-site in your browser.

Image description

You should see that the request is automatically redirected to https://your-site.

Image description

Image description



Give it a try now!

Website: https://waf.chaitin.com
Demo:https://demo.waf.chaitin.com:9443



Source link
lol

By stp2y

Leave a Reply

Your email address will not be published. Required fields are marked *

No widgets found. Go to Widget page and add the widget in Offcanvas Sidebar Widget Area.