I have the problem of redirecting the http to https but all the information/tutorials and descriptions are not working. We are using Apache2 on a Debian machine and this is the conf file
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
ServerName assets.xxx.it
ServerAlias assets.xxx.it
DocumentRoot /var/www/assets/eit_resource_manager_frontend/build
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
RedirectMatch ^(.*)$ https://assets.xxx.it$1
</VirtualHost>
<VirtualHost *:443>
ServerName assets.xxx.it
ServerAlias assets.xxx.it
Protocols h2 http/1.1
<Directory "/var/www/assets/eit_resource_manager_frontend/build">
RewriteEngine on
#Don't rewrite files or directories
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
#Rewrite everything else to index.html to allow html5 state links
RewriteRule ^ index.theml [L]
</Directory>
# SSL Configuration
# Other Apache Configuration
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/assets.xxx.it/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/assets.xxx.it/privkey.pem
</VirtualHost>
After any change in the file I restart the server but the HTTP is not redirected to HTTPS. I have tried different implementation with same poor result.
For further information, the login page is on assets.xxx.it/login and the redirect from "/" to "/login" is handled inside the app (via React Router)
Any suggestions?
When creating the SSL certificate with certbot and the Apache plugin, a SSL config file was created, so we came up with having a file for vh 80 created by us, a file for vh 443 created by us, and a file for both 80 and 443 generated while creating the certificate.
As said, this file had instructions for both port 80 and 443 but, despite the fact that we asked for the redirect while creating the certificate, there was not such an instruction in this conf file. So we added the RedirectMatch instruction and it worked. We also deleted the vh 443 conf file that we had created and it went on working.
After other search I have also understood that the RewriteCond and RewriteRule in the Directory tag are just there if you want to use the .htaccess file in the repo folder for a more grained control.
Related
Im using ubuntu, apache and letsencrypt. I want to disable https for one directory.
This is my .htaccess right now:
RewriteEngine On
RewriteBase /
#HTTP TO HTTPS
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
domain.nl should redirect to https://domain.nl. (As it does now)
http://domain.nl/keuken (or http://domain.nl/keuken/keuken.php is also ok) should just be http.
I can not get it to work.
I tried several solutions from stackoverflow but either it does nothing or i get to many redirects.
I found the answer. The .htaccess in my question has nothing to do with it.
I changed the virtualhost config file: 000-default.conf in /etc/apache2/sites-available to this:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port t$
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
<Directory /var/www/html>
AllowOverride All
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/keuken(/|$) [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
If i am correct this means everything except /keuken is redirected to https.
I looked at different topic regarding my problem but it still doesn't work.
I have just deployed my website in Symfony, on my Debian with Apache.
I manage to go to the main page, but the others return me a 404 error.
I saw that it was necessary to add the .htaccess file for the routing, something that I did but it still does not work.
But when I enter the url: https://myWebsite/index.php/movie it works.
(Tell me if you need more code)
EDIT : on the url https://myWebsite.fr the Symfony Tool Bar doesnt work, the error in the console is : https://mywebsite.fr/_wdt/af9d59
RESOLVED : I added the allowoverride in my HTTPS .conf and its working.
There is my website.conf on my Apache folder "sites-available" :
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName mywebsite.fr
ServerAdmin webmaster#localhost
DocumentRoot /var/www/project/public
<Directory /var/www/project/public>
AllowOverride All
Order Allow,Deny
Allow from All
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/project_error.log
CustomLog ${APACHE_LOG_DIR}/projec_access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =mywebsite.fr
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
My second .conf mywebsite-le-ssl for the https (using certbot) :
`
<IfModule mod_ssl.c>
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName mywebsite.fr
ServerAdmin webmaster#localhost
DocumentRoot /var/www/mywebsite/public
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/project_error.log
CustomLog ${APACHE_LOG_DIR}/projec_access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
RewriteEngine on
# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.
# RewriteCond %{SERVER_NAME} =mywebsite.fr
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
SSLCertificateFile /etc/letsencrypt/live/mywebsite.fr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mywebsite.fr/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
`
I have an Apache server, where the root website directory is located at /var/www/html/. I have a domain I purchased on GoDaddy that contains an # A record which points to my home IP Address where my server is located. On the server end, I have a private folder inside my website directory protected correctly with a username and password, as you'll see in my server configuration. I noticed that when I go to my domain with Chrome, sometimes it will load instantly, and other times (according to the Google Chrome Developer Network Console) I will keep getting a "301 Moved Permanently" status code from my server. Is there something I am overlooking?
My website conf file (replaced with example.com for temporary privacy):
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName www.example.com
ServerAlias example.com
ServerAdmin example#example.com
DocumentRoot /var/www/html
ErrorDocument 404 /404.html
<Directory "/var/www/html/private">
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
And here is the .htaccess file located at the root of my website, which might help:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example.com
RewriteRule ^/(.*)$ http://www.example.com/$1 [L,R=301]
I finally found a working solution. It wasn't the server's fault, it was the way I set up GoDaddy. Inside your domain's DNS settings, have the server permanently redirect to your public IP address. Ensure it is a masked redirection so that your domain stays in the web address bar.
I've been stuck with this problem for the past day now and whatever I do to try and fix it fails.
I am trying to migrate my sites from Windows IIS to Ubuntu LAMP. I have set them up in the var/www/ directory and made the config files for them.
I have set up 2 virtual hosts: 1 for samtownsendmusic.co.uk and 1 for www.swim-4u.co.uk
(I thought it might be easier to just use the real domains instead of example ones.)
These are the config files:
<VirtualHost samtownsendmusic.co.uk:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName samtownsendmusic.co.uk
ServerAlias samtownsendmusic.co.uk
ServerAdmin admin#samtownsendmusic.co.uk
DocumentRoot /var/www/samtownsendmusic.co.uk
RewriteEngine on
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =samtownsendmusic.co.uk
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
swim-4u.co.uk.conf
<VirtualHost www.swim-4u.co.uk:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName www.swim-4u.co.uk
ServerAdmin admin#swim-4u.co.uk
DocumentRoot /var/www/swim-4u.co.uk/
RewriteEngine on
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.swim-4u.co.uk
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
I then go to samtownsendmusic.co.uk and it loads up fine.
When I try to go to www.swim-4u.co.uk it just loads up samtownsendmusic.co.uk
I'm fairly new to apache and linux so any help would be appreciated. Thank you
I think I've fixed it.
I'm not sure why it worked, but I removed my sites off cloudflare. I then reinstalled my SSL certificates, redid the Virtual hosts and deactivated all of my WordPress plugins.
Somehow, that made it work
I got an SSL certificate from Let's Encrypt and after messing up the installation with bad selections at the installation process, I believe I got some broken code in the 000-default.conf file, because currently only if I type example.com it redirects me to https://example.com/, but when I type www.example.com it leaves me at www.example.com without HTTPS. this is how 000-default.conf currently looks like:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Edit: Let's Encrypt created more files inside sites-available, alongside 000-default.conf, so I assume you need all them to work together, such as the following file: 000-default-le-ssl.conf:
<IfModule mod_ssl.c>
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
ServerName example.com
Include /etc/letsencrypt/options-ssl-apache.conf
ServerAlias www.example.com
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
I have certificate for both www.example.com and example.com.
What do I need to edit to prevent www.example.com access to regular HTTP and redirect it to HTTPS? I can't find out
Thanks
You'll want to include the server name and alias to your virtual host
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName website.com
ServerAlias www.website.com
RewriteEngine On
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>
This will force both urls to be redirected. Note that your rule used to be limited to non-www url.
You can just tell it to redirect port 80 to port 443, that's where I'm guessing you are running your ssl, here is an example:
https://wiki.apache.org/httpd/RedirectSSL