Apache shows default page and doesn't load site configuration. OS: Debian 10.
Site is enabled but somehow it doesn't show files from public_html folder. Any help is appreciated.
<VirtualHost *:443>
SSLEngine On
ServerAdmin admin#abc.com
ServerName abc.com
ServerAlias *.abc.com
DocumentRoot /home/xx/public_html
SSLEngine on
SSLCertificateFile /home/xx/ssl.cert
SSLCertificateKeyFile /home/xx/ssl.key
<Directory /home/xx/public_html>
Require all granted
</Directory>
ErrorLog /home/xx/logs/error.log
CustomLog /home/xx/logs/access.log common
LogLevel debug
</VirtualHost>
No enough reputation to comment, so I’m trying with an answer and will clean it up if useful.
No mention of what you’re finding, if anything, in your logs. I assume you’re accessing using HTTPS to be sure your requests are going to port 443, but if per chance you were not I would try that first by specifying the protocol when entering the URL in your browser - otherwise you are probably making your request to the server on port 80 and not 443 where your VirtualHost is listening.
http://example.com ====> browser sends request to port 80, default port for http
https://example.com ====> browser sends request to port 443, default port for https
Is there also a VirtualHost entry for port 80 to redirect those requests to 443? If your browser is trying to load it as http using port 80 first then perhaps that’s why you’re seeing the Apache default page as I believe the server will be attempting to serve from /var/www/html/ for requests on port 80 unless you have already pointed these elsewhere with another VirtualHost, etc.
An example of what I mean that I have in use; either the ReWriteEngine or the Redirect permanent may be redundant, but I can confirm it functions fine for me as follows:
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
Redirect permanent / https://www.example.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.example.com [OR]
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
For my setup, I preferred that the www subdomain be default and set up DNS intentionally to treat it as such, so the bare domain is ServerAlias in my instance.
Related
Edit: I took the redirect lines out of the VirtualHosts for the two domains that aren't working. After rebooting Apache, both the HTTP and HTTPS version of both sites work as intended, but its not automatically redirecting anymore (obviously). But those same exact redirect rules are working fine for sidmandesign.com
I am migrating my webserver from an IIS server to a LAMP stack using Ubuntu. I used certbot to install three SSL certificates for my three domains. Certbot added a -le-ssl.conf file to the virtualhosts directory, so in there I now have (all in /etc/apache2/sites-enabled/ directory with the proper include inside apache.conf):
sidmandesign.conf:
<VirtualHost *:80>
ServerName www.sidmandesign.com
ServerAlias sidmandesign.com
DocumentRoot "/var/www/html/Sidman Designs/"
RewriteEngine on
RewriteCond %{SERVER_NAME} =sidmandesign.com [OR]
RewriteCond %{SERVER_NAME} =www.sidmandesign.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
sidmandesign-le-ssl.conf:
<VirtualHost *:443>
ServerName www.sidmandesign.com
ServerAlias sidmandesign.com
DocumentRoot "/var/www/html/Sidman Designs"
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/sidmandesign.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/sidmandesign.com/privkey.pem
</VirtualHost>
augustinebuilders.conf:
<VirtualHost *:80>
ServerName www.augustinebuilders.com
ServerAlias augustinebuilders.com
DocumentRoot "/var/www/html/augustine/"
RewriteEngine on
RewriteCond %{SERVER_NAME} =augustinebuilders.com [OR]
RewriteCond %{SERVER_NAME} =www.augustinebuilders.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
augustinebuilders-le-ssl.conf:
<VirtualHost *:443>
ServerName www.augustinebuilders.com
ServerAlias augustinebuilders.com
DocumentRoot "/var/www/html/augustine"
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/augustinebuilders.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/augustinebuilders.com/privkey.pem
</VirtualHost>
salvagedserendipity.conf:
<VirtualHost *:80>
ServerName www.salvagedserendipity.com
ServerAlias salvagedserendipity.com
DocumentRoot "/var/www/html/salvagedserendipity/"
RewriteEngine on
RewriteCond %{SERVER_NAME} =salvagedserendipity.com [OR]
RewriteCond %{SERVER_NAME} =www.salvagedserendipity.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
salvagedserendipity-le-ssl.conf:
<VirtualHost *:443>
ServerName www.salvagedserendipity.com
ServerAlias salvagedserendipity.com
DocumentRoot "/var/www/html/salvagedserendipity"
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/salvagedserendipity.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/salvagedserendipity.com/privkey.pem
</VirtualHost>
Sidmandesign.com works just fine, it redirects to HTTPS and I can see everything. However when I try the other two sites, they redirect to HTTPS but I get a ERR_TOO_MANY_REDIRECTS in Chrome and a generic cannot display this page in Edge/IE.
Any ideas why one domain would work but the other two don't when configs appear identical?
Your RewriteCond syntax
In your *:80 VirtualHost, remove your RedirectCond and RewriteRule directives and add (well, adjust for your domains!):
Redirect permanent / https://www.example.com
No need to verify if the domain names match, Apache will only use the configuration in that VirtualHost if the domain matches ServerName or ServerAlias directives values anyway.
Another point, RewriteCond does not need the = sign (for future reference):
RewriteCond %{SERVER_NAME} ^www.example.com$
Remove DocumentRoot in VirtualHost *:80
Since you never server any content for the *:80 VirtualHost, you should remove DocumentRoot directives.
Multiple SSL VirtualHosts problem
For port 80, no problem you can have many VirtualHosts defined. Apache will look at the requested domain and use the matching configuration.
But for SSL, that does not work. Apache cannot read the requested domain until after the SSL certificates negotiation is done with the browser. So what does it do? It uses the first *:443 VirtualHost it finds.
Ways around this are:
1 SSL domain == 1 IP == 1 VirtualHost set for that IP only (i.e. not *:443). The problem here is you might not have access to more than one address.
1 SSL domain == 1 port == 1 VirtualHost set for that port (i.e. *:443, *:444, ...). The problem here is that port 443 is the default for https sites, so other sites need to be explicitly requested for in the browser, which is counter intuitive for clients. If you have network infrastructure in front of your Apache, you could change the port there. https://www.example.com is sent to apache:443, https://www.example2.com is sent to apache:444, and so forth. But this needs to be done before the traffic gets to Apache.
Use SNI in Apache (https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI).
In your case
The request http://<SOMEDOMAIN>, on port 80 is sent to the proper VirtualHost.
This VH redirects it to https://<SOMEDOMAIN>, on port 443. Well it should.
The first VH is always used, so certificate /etc/letsencrypt/live/sidmandesign.com/fullchain.pem is the one send to the client's browser. You can validate this by looking at the browser console and inspecting the certificate.
The browser thus sees a certificate for one domain, which does not match the requested one (well besides the first domain).
Lastly
For the "ERR_TOO_MANY_REDIRECTS in Chrome", look at the console (F12, Network tab, check Preserve logs). You will see every redirection Chrome got. This way you will see what is looping. My guess is that the '=' sign is messing things up.
I'm setting up a Virtual Hosts file on my CentOS 7 box and I'm having trouble getting my domain to resolve correctly.
Here's what my current /etc/httpd/conf.d/vhost.conf file looks like
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster#domain.com
ServerName www.domain.com
ServerAlias domain.com
DocumentRoot /var/www/html/domain.com/public_html/
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.domain.com [OR]
RewriteCond %{SERVER_NAME} =domain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
It seems the the correct redirects are happening. For exmaple:
domain.com redirects to https: //www.domain.com
www works fine
BUT
https: //domain.com doesn't work
http ://domain.com doesn't work
In fact, if I remove the redirects I have set, domain.com ins't working at all, so it looks like the ServerAlias is broken?
I'm wondering if I need another redirect or is there some other step I'm missing?
Also, don't mind the spaces between http and the domain name. StackOverflow made me format it that way.
As presented, no request to anything https will ever work. Normal, you only have a VirtualHost on port 80. You do have a Listen directive for that port right?
For your redirections. It says: if you ask for http://www.example.com or http://example.com, redirect to https://<WHAT THE USER ASKED FOR>. In essence you are forcing your users to use https all the time, no problem there. But you do not have a VirtualHost on port 443, hence no response.
So:
Listen *:80
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
ErrorLog /var/log/httpd/80_error.log
CustomLog /var/log/httpd/80_access.log combined
RewriteEngine on
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>
Listen *:443
<VirtualHost *:443>
ServerName www.example.com
# in case users do directly to https
ServerAlias example.com
DocumentRoot /var/www/html/domain.com/public_html/
DocumentIndex index.html
ErrorLog /var/log/httpd/443_error.log
CustomLog /var/log/httpd/443_access.log combined
# SSL CONFIGURATIONS, TODO!
</VirtualHost>
In your *:443 VH, you will have to configure certificates and SSL.
Your certificates will have to be valid for both www.example.com and example.com to avoid browser complaints.
Careful there might be an ssl.conf included file under conf.d that defines some of this. Make sure you only set it once to avoid confusion.
No need to define DocumentRoot in *:80 VH since it only redirects and does not respond content to client.
Have fun!
I solved the issue. I had my local hosts file configured to point to an old out of date IP address……
domain.com *bad ip address*
I'm so embarrassed. I must have set that up months ago and forgot.
I have just installed SSL certs on a variety of sites. They work fine if I go directly to the https version of the site, but when I go to the http version, I get: "Reason: You're speaking plain HTTP to an SSL-enabled server port."
This is what SHOULD work but does NOT...
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Nor does any version of it
!=on =80 !=443, etc.
I even tried putting this in the vhost.conf file on the server.
My developers and I are out of ideas and we, shockingly, cannot find anything with the almighty Google to help us. Anyone have any thoughts?
Have you tried these from the Apache HTTPD wiki?
https://wiki.apache.org/httpd/RedirectSSL
https://wiki.apache.org/httpd/RewriteHTTPToHTTPS
Ok, so in case others come across this issue, I wanted to update now that I've finally fixed. For us, we had some other stuff in our vhost.conf file that was interfering. Once I wiped it out and took some of this other advice, this is the code that ended up working in vhost.conf. The .htaccess file now has nothing in it as it is not needed.
## -- VIRTUAL HOSTS -- ##
NameVirtualHost *:80
<VirtualHost *:80>
ServerName dev.example.net
Redirect permanent / https://dev.example.net/
</VirtualHost>
<VirtualHost *:443>
#-SERVER CONFIG-#
ServerAdmin webmaster#example.net
ServerName dev.example.net
ServerAlias dev.example.net
DocumentRoot /var/www/html/example
#-SSL-#
SSLEngine On
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateFile /etc/httpd/conf/ssl.crt/...
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/...
SSLCACertificateFile /etc/httpd/conf/ssl.crt/...
SSLCertificateChainFile /etc/pki/tls/certs/...
SSLCACertificateFile /etc/pki/tls/certs/...
#-LOGGING-#
ErrorLog /var/www/html/example/error_log
</VirtualHost>
I am using these rewrite rules to redirect my http request to https on my application with SSL certs.
RewriteEngine Off
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
I think your problem comes very early, even before mod_rewrite is applied on the request.
Your VirtualHost listening on port 80 is an https virtualhost, but browsers are trying to speak plain http on port 80, and that does not work.
On Apache SSL is activated with :
SSLEngine on
This instruction should only be activated for your Virtualhost listening on *:443 (or any variations of something:443).
You should add some Virtualhost listening on port 80, supporting a bunch of ServerName and ServerAlias that could be used on that server (or maybe all the names, by ensuring this Virtualhost is the default one for port 80), and whose only job is to redirect on port 443.
here you can use links provided by #Anand Bhat to perform this task (and mod_rewrite is not needed).
But all theses 'redirect to https' tasks assume that you already have a working Virtualhost where https is not activated. Because if https is activated everywhere you cannot even start a discussion with the server to receive a redirection, there're no 'plain http' canal to receive this response or even to start asking for something.
I have enabled https and can navigate application using HTTP and HTTPS without rewrite. Apache 2.2.24. But I see a strange behavior:
Receiving 400 bad request if passing http://hostname.com/XXX but works fine with url/xxx/ Don’t know how / can help to redirect to https.
Also, enabled the rewrite with following in httpd.conf but don’t see a difference.
Also, HTTP redirection is not working.
Rewrite Engine
RewriteEngine On
now the rewriting rules
RewriteCond %{SERVER_PORT} !^443$
RewriteRule .* https://hostname.com/XXX [R,L]`
The simpliest way to do that is to make 2 virtualhosts, one listening on IP:80 (HTTP) redirecting to HTTPS and the other listening on IP:443 (HTTPS).
<VirtualHost private_ip_of_your_server:80>
ServerName www.mywebsite.com
ErrorLog /var/log/apache/http_www_mywebsite_com_error.log
CustomLog /var/log/apache/http_www_mywebsite_com_access.log combined
RedirectPermanent / https://www.mywebsite.com/
</VirtualHost>
<VirtualHost private_ip_of_your_server:443>
ServerName www.mywebsite.com
ErrorLog /var/log/apache/https_www_mywebsite_com_error.log
CustomLog /var/log/apache/https_www_mywebsite_com_access.log combined
</VirtualHost>
Don't forget to add the two associated NameVirtualHost directives:
- NameVirtualHost private_ip_of_your_server:80
- NameVirtualHost private_ip_of_your_server:443
Regards
I have an issue using mod_rewrite to force redirection of HTTP requests to HTTPS using Apache 2.2.22 on Ubuntu Server 12.04.
My /etc/apache2/sites-available/default file is as follows:
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>
The HTTPS host is defined in default-ssl in the same directory.
Visiting the server's local IP address, the redirect appears to work fine. However, accessing it via the FQDN, it doesn't. Using the FQDN, the site is available at port 5443, which is mapped in the firewall to 443 on the server, so perhaps that has something to do with the problem. I cannot just use port 443 directly, as it is in use on this IP address by another server.
To further clarify, the following are valid links:
https://website:5443
https://192.168.200.80:443
The redirect works here:
http://192.168.200.80
But the following gives a 400 Bad Request, and this is where the redirect is needed:
http://website:5443/
"Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please."
This is totally possible. The following redirects all http to the https url.
<VirtualHost *:80>
ServerName mydomainname.com
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
make sure you load the rewrite module mod_rewrite and enable it.
Your problem here is the initial HTTP request: This won't work as the server won't understand it receiving the request on port 443 (as the response code suggests).
If no port is given, the protocol http defaults to port 80, https to port 443.
This is also the reason why your local redirect works. I bet, if you access the page through http://website/ (with proper port forwarding of port 80), it will work as well. Also note that your VirtualHost is only defined for port 80 anyway, so it won't be valid for requests sent to website:5443 (or website:443).
In general, you'd need a server accepting both HTTP and HTTPS requests on a single port. Not sure any popular server actually supports something like that, because (I think) it essentially violates the specs.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
if u want to redirect your site from http:// anything.example.com to https: //anything.example.com ... Just create a dedicated hosting .conf file as /etc/httpd/conf.d/dedicated.conf and other conf file as virtual.conf ... entries for dedicated.conf are as follows....
this is dedicated server hosting conf file for redirecting it to https...
<virtualhost *:80>
servername host.example.com
documentroot /var/www/html
rewriteengine on
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
sslcertificatefile /etc/pki/tls/certs/name.crt
sslcertificatekeyfile /etc/pki/tls/private/name.key
</virtualhost>
<directory /var/www/html>
allowoverride all
require all granted
</directory>
Alternatively as mentioned in comment below, we can use redirect also:
<virtualhost *:80>
servername host.example.com
documentroot /var/www/html
RedirectMatch / https://host.example.com:ANY_PORT/ #if there is specific port
sslcertificatefile /etc/pki/tls/certs/name.crt
sslcertificatekeyfile /etc/pki/tls/private/name.key
</virtualhost>
<directory /var/www/html>
allowoverride all
require all granted
</directory>