I want to redirect https://www.mydom.com to http://mydom.com
I have an mydom.conf into apache2/sites-available/
mydom.conf:
#HTTP(www/non-www) -> HTTPS(non-www)
<VirtualHost *:80>
ServerName mydom.com
ServerAlias www.mydom.com
Redirect permanent / https://mydom.com/
</VirtualHost>
#ACTIVATE HTTPS AND REVERSE PROXY -> test-1.0.0
<VirtualHost _default_:443>
SSLEngine On
SSLCertificateFile /opt/ssl/new/mydom_com.crt
SSLCertificateKeyFile /opt/ssl/new/mydom_com.key
SSLCertificateChainFile /opt/ssl/new/mydom_com.ca-bundle
BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
ServerName mydom.com
ServerAlias www.mydom.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8080/test-1.0.0/
ProxyPassReverse / http://127.0.0.1:8080/test-1.0.0/
</VirtualHost>
With this mydom.conf It works partial.
Domains http://mydom.com and http://www.mydom.com are redirected to https://mydom.com . This is good.
My problem is at https://www.mydom.com it is not redirected to https://mydom.com, but show the content from https://mydom.com
How I can redirect https://www.mydom.com to https://mydom.com?
Simply create a .htaccess file using vi command in the public_html folder or document root of your website. Add the code below in your .htacess file.
RewriteCond %{HTTP_HOST} ^www.mydom.com$
RewriteCond %{SERVER_PORT} ^443
RewriteRule ^(.*)$ https://mydom.com/$1 [R=301]
If you have an existing .htaccess file in the public_html folder, try to make a backup using the command below:
$ mv .htaccess .htaccess.bak
or
$ cp .htaccess .htaccess.bak
Hope this helps.
You can use multiple vhosts block
<VirtualHost _default_:443>
SSLEngine On
SSLCertificateFile /opt/ssl/new/mydom_com.crt
SSLCertificateKeyFile /opt/ssl/new/mydom_com.key
SSLCertificateChainFile /opt/ssl/new/mydom_com.ca-bundle
BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
ServerName mydom.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8080/test-1.0.0/
ProxyPassReverse / http://127.0.0.1:8080/test-1.0.0/
</VirtualHost>
<VirtualHost _default_:443>
SSLEngine On
SSLCertificateFile /opt/ssl/new/mydom_com.crt
SSLCertificateKeyFile /opt/ssl/new/mydom_com.key
SSLCertificateChainFile /opt/ssl/new/mydom_com.ca-bundle
BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
ServerName www.mydom.com
Redirect permanent / https://mydom.com/
</VirtualHost>
The only thing you need make sure is that certificate is valid for both example.com and www.example.com, so that you don't get https exception before the redirect.
Related
I am using WAMP Server with the following configuration:
Apache 2.4.54
PHP 8.1.8
MySQL 8.0.29
and the Virtualhost at httpd-hosts.conf is:
<VirtualHost *:80>
ServerName localhost
ServerAlias localhost
DocumentRoot "${INSTALL_DIR}/www"
<Directory "${INSTALL_DIR}/www/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require local
</Directory>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</VirtualHost>
and at httpd-ssl.conf is:
<VirtualHost _default_:443>
DocumentRoot "${INSTALL_DIR}/www"
ServerName localhost
ServerAdmin webmaster#example.com
ErrorLog "${SRVROOT}/logs/error.log"
TransferLog "${SRVROOT}/logs/access.log"
SSLEngine on
SSLCertificateFile "${SRVROOT}/conf/key/localhost.crt"
SSLCertificateKeyFile "${SRVROOT}/conf/key/localhost.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "${SRVROOT}/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0
CustomLog "${SRVROOT}/logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
With the above configuration my WAMP Server opens from the URL:
https://localhost
I have also installed Apache Tomcat 9.0 where it opens from the URL:
http://localhost:8080
My intention is to create a virtualhost i.e.: https://mylocaltomcat with a configuration like the following:
<VirtualHost *:80>
ServerName mylocaltomcat
ServerAlias mylocaltomcat
DocumentRoot "${INSTALL_DIR}/www/tomcat/"
<Directory "${INSTALL_DIR}/www/tomcat/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
# ProxyRequests off
# ProxyPass /.well-known/acme-challenge !
# ProxyPass "${INSTALL_DIR}/www/tomcat" ajp://127.0.0.1:8009/
# ProxyPassReverse "${INSTALL_DIR}/www/tomcat" ajp://127.0.0.1:8009/
</VirtualHost>
and
<VirtualHost _default_:443>
DocumentRoot "${INSTALL_DIR}/www/tomcat"
RewriteEngine On
ServerName mylocaltomcat
ServerAdmin webmaster#example.com
ErrorLog "${SRVROOT}/logs/error.log"
TransferLog "${SRVROOT}/logs/access.log"
SSLEngine on
SSLCertificateFile "${SRVROOT}/conf/key/localhost.crt"
SSLCertificateKeyFile "${SRVROOT}/conf/key/localhost.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "${SRVROOT}/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0
CustomLog "${SRVROOT}/logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
# ProxyRequests off
# ProxyPass /.well-known/acme-challenge !
# ProxyPass "${INSTALL_DIR}/www/tomcat" ajp://127.0.0.1:8009/
# ProxyPassReverse "${INSTALL_DIR}/www/tomcat" ajp://127.0.0.1:8009/
</VirtualHost>
The Proxy lines are commented (#) as it was my effort to make the whole thing to work, but unfortunately it didn't.
The modules I have activated in Apache are:
I think I am missing something or even more stuff, but I cannot figure out how to proceed.
Any help would be greatly appreciated.
Edited - Fixed!
I figured out what the correct lines were for the proxy in order for it to work:
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
and I thought about sharing it.
Now it works as expected!
I have an SSL certificate from Certbot for "mysite". When I use FF or Chrome to go to mysite (with or without using the http:// prefix) I get to the non-SSL site. No redirect happens. But when I use Edge, my redirect works and I automatically get to https://mysite. In FF, when I get to the non-SSL site then I reload the page, I DO get to the SSL site. In Chrome, I cannot get to the SSL site, even if I enter the https://. The 2 sites are on the same Windows machine (using Apache server) with virtual hosts for ports 80 and 443. What am I missing?
Here are my virtual host directives:
<VirtualHost *:80>
ServerAdmin dforeman#stny.rr.com
DocumentRoot "${djpath}"
ServerName dforeman.homedns.org
Redirect / https://dforeman.homedns.org
ErrorLog "E:/logfiles/new-v80.log"
# CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>
<VirtualHost _default_:443>
# DO NOT replace _default_ above
# General setup for the virtual host
DocumentRoot "E:/DJs Documents/apublic_html"
ServerName dforeman.homedns.org
ServerAdmin dforeman#stny.rr.com
ErrorLog "E:/logfiles/verror.log"
TransferLog "E:/logfiles/vhttp-access.log"
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile "C:/fullchain.pem"
SSLCertificateKeyFile "C:/privkey.pem"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "${SRVROOT}/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
Here is what I use in my https forwards:
<VirtualHost *:80>
ServerAdmin dforeman#stny.rr.com
DocumentRoot "${djpath}"
ServerName dforeman.homedns.org
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
ErrorLog "E:/logfiles/new-v80.log"
# CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>
Note: I don't use .htaccess files to achieve this.
as the title say i have difficulties to enable AllowEncodedSlashes in Ubuntu
i put
AllowEncodedSlashes On
inside /etc/apache2/apache2.conf and inside /etc/apache2/sites-available/default but still got 404 page after access url with encoded slashes
I was searching a lot for this. But can't find a clear answer for Ubuntu 14.4 and Apache 2.4.7 . I figured it out. Here's what I did:
Go to /etc/apache2/sites-available
Open the 000-default.conf file.
add AllowEncodedSlashes NoDecodeinside the <VirtualHost> tag
Save and restart Apache.
** apache2.conf modification is not needed. Modify only 000-default.conf file and not default-ssl.conf
You should use
<VirtualHost *:80>
AllowEncodedSlashes On
ProxyPreserveHost On
ProxyRequests Off
ServerName www.domain.com
ServerAlias domain.com
Redirect permanent / https://example.com/
</VirtualHost>
If your domain is secure with ssl certificate then you shuold also use with 443 port
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName example.com
DocumentRoot /var/www/html
ProxyPreserveHost On
AllowEncodedSlashes On
ProxyRequests Off
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCertificateFile /home/ubuntu/domain.com/example.com.crt
SSLCertificateKeyFile /home/ubuntu/domain.com/example.com.key
SSLCertificateChainFile /home/ubuntu/domain.com/intermediate.crt
SSLCACertificateFile /home/ubuntu/domain.com/intermediate.crt
<FilesMatch “\.(cgi|shtml|phtml|php)$”>
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch “MSIE [2–6]” \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch “MSIE [17–9]” ssl-unclean-shutdown
</VirtualHost>
</IfModule>
I have Debian host that runs my Meteor application on NodeJS that listens: 127.0.0.1:3999
I also have a domain register https://example.com that welcomed with Apache and proxied to my Meteor application.
I have problem with DDP Connection.
my connection link is ws://example.com/websocket
I set the ProxyPass settings as following:
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
SSLEngine on
SSLProxyEngine On
ProxyRequests Off
SSLCertificateFile /etc/apache2/ssl/www.example.crt
SSLCertificateKeyFile /etc/apache2/ssl/www.example.key
SSLCertificateChainFile /etc/apache2/ssl/sub.class1.server.ca.pem
ProxyPass /websocket ws://localhost:3999/websocket
ProxyPassReverse /websocket ws://localhost:3999/websocket
ProxyPassMatch ^/sockjs/(.*)/websocket ws://localhost:3999/sockjs/$1/websocket
ProxyPass / http://localhost:3999/
ProxyPassReverse / http://localhost:3999/
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
And
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
ProxyRequests off
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
# This allows DDP clients like ObjectiveDDP and Meteor-Unity to connect
RewriteRule ^/websocket wss://%{HTTP_HOST}/websocket [NC,R,L]
# This allows the meteor webapp to connect
RewriteRule ^/sockjs/(.*)/websocket wss://%{HTTP_HOST}/sockjs/$1/websocket [NC,R,L]
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>
The solution I found is not to use debian, instead use ubuntu, so Apache 2.6 would be available. mod_proxy_wstunnel has solved the problem with v2.6.
I have a strange issue where my virtual hosts are not being restricted when I set them up with SSL. Everything works as expected except for the fact that the virtual host is not limited to just the name. For example, if I browse to https://qa.example.com/, I am served the correct page. However, if I browse to https://foo.example.com/, I am served the same page! I've read the named-based configs at http://httpd.apache.org/docs/2.2/vhosts/name-based.html, so I'm at a loss.
Here is my /etc/apache2/sites-enabled/mysite-ssl file (I'm using Ubuntu 12.04):
<IfModule mod_ssl.c>
<VirtualHost *:443>
<IfModule dir_module>
DirectoryIndex login.html
</IfModule>
ServerAdmin admin#example.com
ServerName qa.example.com
DocumentRoot /var/www/example
<Directory />
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
JkMount /axonify/* worker1
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
SSLEngine on
SSLCertificateFile "/etc/ssl/certs/star.example.com.crt"
SSLCertificateKeyFile "/etc/ssl/private/star.example.com.key"
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>
My /etc/apache2/ports.conf file is where I define the NameVirtualHost entry:
NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
NameVirtualHost *:443
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
NameVirtualHost *:443
Listen 443
</IfModule>
Now my /etc/apache2/sites-enabled/000-default file is also very simple:
<VirtualHost *:80>
ServerAdmin admin#example.com
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>
I do not have a default-ssl site deployed, and I only have the single SSL-enabled site deployed.
I've solved the issue. Seems that I needed the default-ssl file, which specifies the <VirtualHost _default_:443> entry that acts as the fallback for any unmatched virtual hosts.