Skip to content

HTTP Redirection


About this Document

In this document, we explain how to configure the reverse proxy to automatically redirect HTTP traffic to HTTPS. When you add an SSL certificate to your website, the URL scheme used by visitors changes from HTTP to HTTPS. The S means that the connection is secure. After adding an SSL certificate, you can redirect all HTTP requests to the HTTPS version of your site. For example, if someone visits they will automatically be redirected to

Configuration Overview

  • Create the HTTPS reverse proxy entry as explained in the reverse proxy manual (port 443).

  • Select the newly created entry and click on edit as new.

  • Add a new HTTP entry for the same application server (port 80). Don’t add certificates and make sure to disable secure connections.

  • Select the Security tab. Under Request Filtering find the Allowed Requests field.

  • Copy and paste the following text into the Allowed Requests field:

/(.*)$1 [R=301,L]

Replace with your own FQDN.

Step-by-step Configuration Example

Creating the HTTPS Entry

  1. Log in to your AXS Guard appliance.

  2. Go to Reverse Proxy > HTTP(S) > Servers and click on add new.

  3. Enter the connection settings as shown in the example below.

    HTTPS Entry Connection Settings

  4. Configure the server certificate.

  5. Select the appropriate authentication types and save your configuration.

    HTTPS Entry Certificate Configuration

Creating the HTTP Redirect Entry

  1. Select the HTTPS entry that was previously created and click on edit as new.

  2. Update the configuration as shown in the example below (change the AXS Guard TCP port number to 80).

    HTTP Entry Connection Settings

  3. Disable secure connections.

  4. Copy and paste the following text into the Allowed Requests field:

    `/(.*)$1 [R=301,L`]
  5. Replace with your own FQDN.

  6. Save your configuration.

    HTTP Entry Security Settings

Connection Overview

You should now see two entries for the same server:

Reverse Proxy Overview


In the rewrite logs of the HTTP entry, you should see similar entries:

[][rid#55d0555df7a0/initial] redirect to [REDIRECT/301]
[Fri Jul 12 09:28:43.982254 2019] [rewrite:trace1] [pid 15009] mod_rewrite.c(483): [client] - - [][rid#55d0555e2670/initial] escaping for redirect
[Fri Jul 12 09:28:43.982301 2019] [rewrite:trace1] [pid 15009] mod_rewrite.c(483): [client] - - [][rid#55d0555e2670/initial] redirect to [REDIRECT/301]