tencent cloud

Feedback

Forced HTTPS Access

Last updated: 2024-10-28 15:34:17

    Overview

    You can use 301 or 302 redirects to redirect HTTP client requests to HTTPS requests and send them to EdgeOne. Forced HTTPS access is used to improve website security and protect user privacy. If your business needs to safeguard user privacy and other sensitive information, we recommended you enable this feature to ensure that data is encrypted during transmission.
    
    1. The client initiates an HTTP request.
    2. The EdgeOne node responds with a 301 or 302 status code.
    3. The client is redirected to initiate an HTTPS request.

    Scenario 1: Enabling Forced HTTPS Access for All Domain Names

    To enable forced HTTPS access for all domain names used to access the current site, refer to the following information.

    Prerequisites

    You have configured SSL certificates for all domain names used to access the current site as instructed in Certificate Configuration.

    Directions

    1. Log in to the EdgeOne console and click Site List in the left sidebar. In the site list, click the target Site.
    2. On the site details page, click Site Acceleration to enter the global site configuration page. Then click HTTPS in the right sidebar.
    3. On the forced HTTPS configuration card, toggle on the Site-wide setting switch to enable this feature for the entire site.
    
    Off (default): EdgeOne does not perform any redirection, regardless of the request protocol used by a client. The client accesses an EdgeOne node via the original protocol.
    On: You may choose to redirect HTTP requests made by a client to HTTPS by using a 301 or 302 redirect. HTTPS requests made by a client will not be redirected.

    Scenario 2: Enabling Forced HTTPS Access for Specified Domain Names

    To enable forced HTTPS access for specified domain names used to access the current site, refer to the following information.

    Prerequisites

    You have configured SSL certificates for the specified domain names used to access the current site as instructed in Certificate Configuration.

    Directions

    1. Log in to the EdgeOne console and click Site List in the left sidebar. In the site list, click the target Site.
    2. On the site details page, click Site Acceleration to enter the global site configuration page. Then click the Rule Engine tab.
    3. On the rule engine management page, click Create rule and select Add blank rule.
    4. On the page that appears, select HOST from Matching type and specify an operator and a value to match the requests of specified domain names.
    5. From the Operation drop-down list, select Forced HTTPS. Then, click Switch.
    
    6. Click Save and publish.
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support