From ac7b17c51e713063b7d3bec1d5a368ffa84b0bae Mon Sep 17 00:00:00 2001
From: Ihor Aleksandrychiev <ihor.aleksandrychiev@northern.tech>
Date: Mon, 29 Sep 2025 17:37:50 +0300
Subject: [PATCH] Removed web server redirect from http to https

HTTP_HOST can be manipulated via Host header and for this reason http to https redirect will be handled on the UI.

Ticket: ENT-11481
Signed-off-by: Ihor Aleksandrychiev <ihor.aleksandrychiev@northern.tech>
---
 deps-packaging/apache/httpd.conf | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/deps-packaging/apache/httpd.conf b/deps-packaging/apache/httpd.conf
index 1ff13aaca..d0622bd17 100644
--- a/deps-packaging/apache/httpd.conf
+++ b/deps-packaging/apache/httpd.conf
@@ -259,10 +259,6 @@ SetHandler "proxy:fcgi://127.0.0.1:9000"
   <IfModule rewrite_module>
     RewriteEngine On
 
-    # Force https with redirection
-    RewriteCond %{HTTPS} off
-    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
-
     # redirect from `index.php/path` to `/path`
     RewriteCond %{REQUEST_URI} !(.*)/api/(.*) [NC]  #do not apply redirect to internal APIs for backward compatibility
     RewriteCond %{THE_REQUEST} /index\.php/(.+)\sHTTP [NC]