The simplest way is often the most effective, even if it takes a bit more time. Recently, I was constructing something requiring access only via https://
, unlike http://
which lacks SSL encryption.
Simply adding the [SSLRequireSSL](https://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslrequiressl "Deny access when SSL is not used for the HTTP request")
directive to the definition of an access point in the Apache configuration makes it require the use of SSL encryption.
It’s worth noting that setting up redirection from standard HTTP to HTTPS should also be implemented.