I am currently using mod_rewrite to redirect all subdomains to https, but multiple sources have suggested that
Using mod_rewrite to do this isn't the recommended behavior. See RedirectSSL
The apache docs suggest Redirect and RedirectMatch:
A common use for RewriteRule is to redirect an entire class of URLs. For example, all URLs in the /one directory must be redirected to http://one.example.com/, or perhaps all http requests must be redirected to https.
These situations are better handled by the Redirect directive. Remember that Redirect preserves path information. That is to say, a redirect for a URL /one will also redirect all URLs under that, such as /one/two.html and /one/three/four.html.
Unfortunately, both of these documents (and anything else I have found) are only considering matching a single domain, rather than all subdomains. RedirectMatch seems like a good candidate for a relatively simple task like this, but I can't seem to get "http" to match as I expect:
RedirectMatch permanent "^http://(.*)$" "https://$1"
My guess as to why that doesn't work is because the redirectMatch is looking for a path and not a URI, but at this point I am stuck. Is it possible to accomplish a redirect of all subdomains to https without mod_rewrite, or is that the best available method?
