Enabling and Using SSL on OIT Web Hosting

Enabling and Using SSL on OIT Web Hosting kp37 Fri, 03/10/2017 - 13:02

SSL encryption is highly recommended for websites these days, not just because it makes user interactions with your site more secure, but also because the major browser manufacturers are starting to mark all non-SSL encrypted sites with some kind of red symbol (red padlock, red 'X' through a padlock, etc.) to better warn users not to enter sensitive information into these sites.  So, from a marketing standpoint, it's going to make your site look more professional if you turn on SSL encryption, which will keep those red warning symbols from showing.

OIT provides two Frequently Asked Questions articles that cover much of what you need to know to get started your site set up with SSL encryption:

In addition, it's important to know that OIT Web Hosting accounts come in two flavors: old-style, which were originally set up more than two to three years ago, and new-style, which were set up more recently.  Old-style accounts will have separate 'httpdocs' and 'httpsdocs' directories for your public files, which in essence means that you have two separate sites in one account.  The How to Force Your Site's HTTP Traffic to HTTPS OIT FAQ article doesn't address how to handle these older accounts - its instructions are only effective for new-style accounts.

If you own or have inherited an old-style account, and you want to make it run exclusively as an SSL encrypted HTTPS site, here are some options available to you:

  1. You can remove or rename the 'httpsdocs' directory in your hosting account and symlink 'httpsdocs' to the 'httpdocs' directory.  This will make the account act just like a new-style account.  You'll need a little familiarity with UNIX, however, as this has to be done via the SSH command line (the Plesk File Manager interface doesn't give you an option to create symlinks).
  2. You can open a ticket with OIT and ask them to make the appropriate changes for you.  (They'll likely just change the account's configuration to point both HTTP and HTTPS traffic to your httpdocs directory, rather than use the symlink method.)
  3. You can put a .htaccess file in your 'httpdocs' directory with the following line in it, replacing 'sitename.gatech.edu' with the actual DNS hostname for your site:

    Redirect / https://sitename.gatech.edu/