How to redirect all http request to https and only open a https port?

Traefik Traefik v3 (latest)
1

I want to open an uncommon port as https port. Because my isp block my 443 and 80 port.
But when I input http://abc.mydomain.com:12345, it can't redirect to https://abc.mydomain.com:12345. How to do that? I have already try the topic of this forum.

entryPoints:
  http:
    address: :80
    http:
      redirections:
        entryPoint:
          to: https
          scheme: https
          permanent: true
    transport:
      respondingTimeouts:
        readTimeout: 0s
 
  https:
    address: :443
    http:
      tls:
        certResolver: letsencrypt
        domains:
          - "mydomain.com"
            sans:
              - "*.mydomain.com"
      middlewares:
        - securityHeaders@file
        - crowdsec-bouncer@file
    transport:
      respondingTimeouts:
        readTimeout: 0s

http:
  routers:
    http_catchall:
      entryPoints:
        - http
      rule: "HostRegexp(`{host:.+}`)"
      middlewares: https_redirect
      service: noop@internal
      priority: 1

  services:

  middlewares:
    https_redirect:
      redirectscheme:
        scheme: https
        permanent: true

    local-ipwhitelist:
      ipAllowList:
        sourceRange: 
          - 127.0.0.1/32 # localhost
          - 192.168.1.1/24 # LAN Subnet
    securityHeaders:
      headers:
        customResponseHeaders:
          X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex"
          X-Forwarded-Proto: "https"
          server: ""
        customRequestHeaders:
          X-Forwarded-Proto: "https"
        sslProxyHeaders:
          X-Forwarded-Proto: "https"
        referrerPolicy: "same-origin"
        hostsProxyHeaders:
          - "X-Forwarded-Host"
        contentTypeNosniff: true
        browserXssFilter: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsSeconds: 63072000
        stsPreload: true
3

I can visit https://abc.mydomain.com:12345

4

It seems the regular http-to-https redirect solutions need two ports or use fixed port 443.

You could try with redirectregex, which should enable to provide a port, similar to simple Traefik example:

  whoami:
    image: traefik/whoami:v1.10
    networks:
      - proxy
    labels:
      - traefik.enable=true
      - traefik.http.routers.mywhoami.rule=Host(`whoami.example.com`) || Host(`www.whoami.example.com`)
      - traefik.http.services.mywhoami.loadbalancer.server.port=80

      - traefik.http.middlewares.mywwwredirect.redirectregex.regex=^https://www\.(.*)
      - traefik.http.middlewares.mywwwredirect.redirectregex.replacement=https://$${1}
      - traefik.http.routers.mywhoami.middlewares=mywwwredirect
5

Generally, I recommed against using the same port for both http and https, (virtually) nobody does that, and it's not a good idea.

6

Why the bot is so silly??? It banned my account for just a example website. I have to register a new account.

When I used other reverse proxy tool which is called lucky, it support redirect function, it could redirect to https://{host}:{port}.
A tutorial told me to do that in that reverse proxy tool.

Here is my part packet capture:

request header
GET http://abc.example.com:12345 HTTP/1.1
Host: abc.example.com:12345

response header
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=utf-8
Location: https://abc.example.com:12345

7

Is it working?

- traefik.http.middlewares.myhttpsredirect.redirectregex.regex=^http://(.*)
- traefik.http.middlewares.myhttpsredirect.redirectregex.replacement=https://$${1}
8

It's not working.
These are adding to my traefik lable.
traefik.http.middlewares.httpredirect.redirectregex.regex=^http://(.*)
traefik.http.middlewares.httpredirect.redirectregex.replacement=https://$${1}

These are adding to my application lable.
traefik.http.routers.appexample.middlewares=httpredirect

9

Can you unban my account? :frowning: