Few years ago, switched my web site from a custom cms (written by Erwan Pinvidic) to moinmoin wiki engine. Some months (or years?), later I implemented an authentifcation plugin which is using my mail server as a credentials' provider. At that time, I wanted to use https for authentifcation and tried few things to force apache to redirect to https on specific url pattern, and I failed. At this stage, I modified my plugin to reject authentification if the login and password were sent over http and forgot all that stuff...

Few days ago, I setup varnish in front of my apache server and moved few http to https redirections from apache to varnish. And while updating varnish's configuration, I recalled my attempts with moinmoin's login page redirection and wanted implement this using varnish. And this time, I did it using the setup below:

sub vcl_recv {
if (req.http.host ~ "www.glennie.fr" && req.url ~ "\?action=login") {
       set req.http.x-host = req.http.host;
       set req.http.x-url = req.url;
       return(synth(750, "https://" + req.http.x-host + req.http.x-url));
    }
}


sub vcl_synth {
    if (resp.status == 750) {
      set resp.http.Location = "https://" + req.http.x-host + req.http.x-url;
      set resp.status = 301 ;
      return(deliver);
  }
}

So, don't worry if you don't succeed the first time. Try later using the right toolTM!


I installed varnish as HTTP accelerator in front of my apache server. Some of my sites can be accessed only via https. When accessed via http, clients get redirected to https (the redirection is done in the virtual host definition).
After varnish's installation, I wanted to move the redirection under varnish. In order to redirect browsers using varnish, edit /etc/varnish/default.vcl and add the following:

sub vcl_recv {
if (req.http.host ~ "webmail\.glennie\.fr" || req.http.host ~ "nagios\.glennie.fr" || req.http.host ~ "stats\.glennie\.fr") {
       set req.http.x-host = req.http.host;
       set req.http.x-url = req.url;
       return(synth(750, "https://" + req.http.x-host + req.http.x-url));
    }
}


sub vcl_synth {
    if (resp.status == 750) {
      set resp.http.Location = "https://" + req.http.x-host + req.http.x-url;
      set resp.status = 301 ;
      return(deliver);
  }
}


YMMV