I have a site on Google Domains (www.example.com) and it's hosted with Gcloud. I followed the instructions listed here to set up SSL and https: https://cloud.google.com/appengine/docs/standard/python/securing-custom-domains-with-ssl
Basically, I just ran gcloud beta app domain-mappings update example.com --certificate-management='AUTOMATIC'
Now I can indeed access https://example.com and https://www.example.com. But I can access the unsecure http version of those domains as well.
How can I set up my Google Domain to always use https? If someone types http://example.com, I want it to go to the https site instead.
Records:
My naked domain (example.com) has 4 A records and 4 AAAA records.
My www.example.com domain has 1 CNAME record with alias=www.
Have you tried setting secure: always in your handlers in your app.yaml?
handlers:
- url: /youraccount/.*
script: accounts.app
login: required
secure: always
always
Requests for a URL that match this handler that do not use
HTTPS are automatically redirected to the HTTPS URL with the same
path. Query parameters are preserved for the redirect
https://cloud.google.com/appengine/docs/standard/python/config/appref#handlers_element
Not sure what backend language you are using, but you can brute-force to ssl by checking the request header then redirecting. Example:
if request.environ.get('HTTPS') == 'off':
return redirect('https://www.example.com' + request.environ.get('PATH_INFO'), 301)
Alex's answer (see comments) put me on the right path.
First meteor add gadicohen:headers to add headers info.
In my router logic (Iron Router on Meteor) in a before hook, I check if the x-forwarded-proto is http. If so, replace http with https and go to that URL instead. I make sure I'm not on localhost too, so that I can develop the site
Router.onBeforeAction(function () {
<some other logic>
// Redirect http to https
if (headers.get('x-forwarded-host') !== "localhost:3000") {
if (headers.get('x-forwarded-proto') === "http") {
window.location = window.location.href.replace('http', 'https')
}
}
});
secure: always still works in all standard environments, but the secure option has been deprecated in all flexible environments, see documentation here or here for Node.js.
If you need this feature in your current environment, the suggested solutions require changes to your application code. Either use the custom HTTP header X-Forwarded-Proto to redirect the HTTP traffic to HTTPS, or use the HTTP Strict Transport Security response header.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 来,给爷笑一个 的文章《How to enforce HTTPS traffic to Google App Engine 》','https://www.manongdao.com/article-463576.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}