How to Redirect HTTP to HTTPS Using Free WAF

MotorBuy6 - Aug 16 - - Dev Community

SafeLine WAF Installation Reference: SafeLine WAF Installation

Image description

Prerequisites:

  • An SSL certificate (e.g., a .crt file and a .key file).

Configuration Overview

In this guide, I'll walk you through configuring HTTP to HTTPS redirection for your web application when using SafeLine WAF. My web application and WAF are hosted on the same server, so I'll show you how to avoid port conflicts and set up redirection correctly.

1. Modify Your Application's Nginx Port

Since both the WAF and your web application are on the same server, you'll need to change the port that your application's Nginx server listens on to avoid conflicts. The default ports 80 (HTTP) and 443 (HTTPS) should be used by SafeLine WAF, so your application needs to use a different port, such as 8000.

To identify available ports on your server, you can use the following command:



netstat -an | grep LISTEN | grep -v unix


Enter fullscreen mode Exit fullscreen mode

Then, update your Nginx configuration to listen on the new port:

  • Modify the Nginx configuration file to change the listening port from 80 to your chosen port (e.g., 8000).
  • Reload the Nginx configuration to apply the changes:


nginx -t 
nginx -s reload


Enter fullscreen mode Exit fullscreen mode

2. Add Protection Sites in SafeLine WAF

Next, you'll add both HTTP and HTTPS sites in SafeLine WAF.

For HTTP:

Image description

  • Port: 80
  • Upstream Server: 127.0.0.1:8000 (This should point to your web application. Modify it according to your setup.)

For HTTPS:

Image description

  • Port: 443
  • Enable SSL and upload your SSL certificate files.
  • The upstream server should be the same as the one used for the HTTP site.

After configuring, submit the changes.

3. Modify SafeLine WAF’s Nginx Forwarding Configuration

To enable HTTP to HTTPS redirection, you need to modify SafeLine WAF's default Nginx proxy configuration, typically found at:



/data/safeline/resources/nginx/sites-enabled


Enter fullscreen mode Exit fullscreen mode

In the configuration file for port 80, add the following line to redirect HTTP traffic to HTTPS:



rewrite ^(.*)$ https://$host$1 permanent;


Enter fullscreen mode Exit fullscreen mode

Image description

Finally, reload the SafeLine Nginx configuration to apply these changes:



docker exec -it safeline-tengine /usr/sbin/nginx -t # Test the configuration
docker exec -it safeline-tengine /usr/sbin/nginx -s reload # Reload the configuration

Enter fullscreen mode Exit fullscreen mode



  1. Test in Your Browser

Now, visit http://your-site in your browser.

Image description

You should see that the request is automatically redirected to https://your-site.

Image description

Image description

Give it a try now!

Website: https://waf.chaitin.com
Demo:https://demo.waf.chaitin.com:9443

. . . . . . . . . . . . . . .