I have a website in an apache server and a mail server in the same machine. I want the port 80 request redirecting to https 443 port, so I put it in the vhost configuration.
I also want an autoconfig (Mozilla thunderbird use) for my mailserver. However I need to put a config-v1.1.xml accessible on port 80.
The problem is when I request http://example.com it's does not redirect to https://example.com like I want to but it redirects to the autoconfig.
Is there a way to keep autoconfig and have a redirection to https://example.com ?
I have setup a dns record for autoconfig.example.com and call it in vhost file but when I type mysite.com, it still goes in the autoconfig.
Any clues ?
Thanks
Here is the autoconfig.conf
Listen 80
Listen 443
<VirtualHost 178.33.235.19:80>
ServerName autoconfig.example.com
DocumentRoot /var/www/html/autoconfig/
<Directory /var/www/html/autoconfig>
Order allow,deny
allow from all
</Directory>
</VirtualHost>
And the site vhost example.conf
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</VirtualHost>
<VirtualHost _default_:443>
ServerAdmin admin#example.com
DocumentRoot /var/www/html/example/
DirectoryIndex index.php
ServerName example.com
ServerAlias www.example.com
#SSL Config
SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
SSLHonorCipherOrder on
SSLCertificateFile /etc/httpd/ssl/STAR_example_com.crt
SSLCertificateKeyFile /etc/httpd/ssl/STAR_example_com.key
SSLCertificateChainFile /etc/httpd/ssl/COMODORSADomainValidationSecureServerCA.crt
<Directory /var/www/html/>
Options FollowSymLinks Indexes MultiViews
AllowOverride All
LogLevel crit
Require all granted
</Directory>
ErrorLog /var/log/apache/example-error_log
CustomLog /var/log/apache/example-access_log common
</VirtualHost>
Related
I'm have a an Apache HTTP server that has a reverse proxy to a tomcat server. However, I only want the reverse proxy to happen when the client uses the subdomain www. This is because I want to use other subdomains to point to other applications, such as email.
e.g. www.example.com will go display the apache tomcat webapp.
The way to do this, I presume, is to configure my DNS so that every subdomain I use will point to my server. Right now, in addition to www, that is server.example.com and posfixadmin.example.com. However, the issue is that all my subdomains end up pointing to tomcat.
So when I try to visit postfixadmin.example.com/setup.php to set up postfixadmin through its web setup, it ends up taking me to my tomcat webapp's 404.
Here is my virtualhost configuration:
<VirtualHost www.example.com:80>
ServerName http://www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
<VirtualHost server.example.com:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
<VirtualHost postfixadmin.example.com:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
EDIT
It looks like the proxy conf file doesn't do anything (??). I decided to experiment around and change the first virtualhost servername to the following:
<VirtualHost *:80>
ServerName abcd.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
Then, I restarted and reloaded Apache...But for some reason, going to www.example.com STILL took me to the tomcat webapp! Does anyone know what drives this?
As to the DNS: I have set specific CNAME entries for each subdomain including www; all of them point back to the public IP of my server that houses my example.com domain (using # in my case - possible with most DNS, I think). There may be some different strategies on this, but I believe you're on the correct path based on what you've suggested in the question.
As to Apache configuration:
I believe that the http protocol does not need to be specified in the ServerName directive and that, generally, the domain need not appear inside the <VirtualHost>...</VirtualHost> tags.
I should mention that I am relatively unfamiliar with Tomcat but am assuming it is listening at 8080 on the localhost, in which case this should help.
I'm not 100% certain that that is all that is snarling you, but try trimming that ServerName back and doing like so, including the change to the VirtualHost open tag:
<VirtualHost *:80>
ServerName www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
Your second <VirtualHost> probably requires similar changes, though it also seems that you are directing it to serve requests from the web/network which are coming in on port 8080 -- which I don't believe is your intent.
I think what you want is to also listen on port 80 from the web/network, but to follow these directives if addressed to server.example.com like so:
<VirtualHost *:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
And finally, similar change to the opening <VirtualHost> tag on the final one:
<VirtualHost *:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Altogether, this seems more like what you're looking for:
<VirtualHost *:80>
ServerName www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
<VirtualHost *:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
<VirtualHost *:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
I got it!
It turns out that the problem was in the ssl configuration file - the :443 ports were overlapping.
Thanks for the help!
httpd.conf:
Include conf.d/ports.conf
IncludeOptional sites-enabled/*.conf
conf.d/ports.conf
Listen 80
Listen 443
sites-enabled/example.com.conf
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com/public_html
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/example.com.certificate.pem
SSLCertificateKeyFile /etc/httpd/ssl/example.com.key.key
<Directory /var/www/example.com/public_html/>
Options +FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog /var/log/httpd/example.com.error.log
CustomLog /var/log/httpd/example.com.access.log combined
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/example.com/public_html/$1
DirectoryIndex index.php index.html
</VirtualHost>
... but it just gives me "too many redirects" for any combination (www, non-www, http or https).
Currently my server has 1 website running on https/ssl. The thing is when i enable a second vhost, also with https/ssl, the first website I have running is now using the ssl cert of the new website.
I have tried putting the two websites in a single vhost file, didn't work so I made 2 seperate files instead.
Here are my vhost config files:
(Naming them websiteZ and website Y because of alfabetical order they are in)
vhost current running website .conf
<VirtualHost *:80>
ServerAlias *.websiteZ.nl
Redirect 301 / https://websiteZ.nl
</VirtualHost>
NameVirtualHost *:443
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName www.websiteZ.nl
DocumentRoot "/var/www/html/websites/websiteZ.nl/public"
<Directory "/var/www/html/websites/websiteZ.nl/public">
Require all granted
Options Includes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/websiteZ.nl/certificate.crt
SSLCertificateKeyFile /etc/apache2/ssl/websiteZ.nl/certificate.key
SSLCertificateChainFile /etc/apache2/ssl/websiteZ.nl/cabundle.crt
</VirtualHost>
</IfModule>
new website with ssl .conf
<VirtualHost *:80>
ServerName websiteY.nl
ServerAlias www.websiteY.nl
RewriteEngine On
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
RewriteRule ^(/(.*))?$ https://%{HTTP_HOST}/$1 [R=301,L]
DocumentRoot "/var/www/html/websites/websiteY.nl/public/"
<Directory "/var/www/html/websites/websiteY.nl/public/">
Require all granted
Options Includes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName www.websiteY.nl
DocumentRoot "/var/www/html/websites/websiteY.nl/public"
<Directory "/var/www/html/websites/websiteY.nl/public">
Require all granted
Options Includes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
SSLStrictSNIVHostCheck on
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/websiteY.nl/certificate.crt
SSLCertificateKeyFile /etc/apache2/ssl/websiteY.nl/certificate.key
SSLCertificateChainFile /etc/apache2/ssl/websiteY.nl/cabundle.crt
</VirtualHost>
</IfModule>
ports.conf
NameVirtualHost *:80
NameVirtualHost *:443
Listen 80
<IfModule mod_ssl.c>
Listen 443
</IfModule>
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
I looked up the SNI thing, but I think i'm missing something. The way I understand it is that I have to use NameVirtualHost to make it work.
The server is running on AWS ece2 with Ubuntu 16.04.2
The problem occors when i type in terminal:
a2ensite websiteY.conf
When I do that websiteZ will lose it's https cert and will show a big red cross wich says: NOT SECURE! When you click to proceed it links to websiteY
I am a little bit out of options, can someone help me out? Thanks!
When you enter www.websiteZ.nl without https, the request will first be caught by
<VirtualHost *:80>
ServerAlias *.websiteZ.nl
Redirect 301 / https://websiteZ.nl
</VirtualHost>
and therefore redirected to https://websiteZ.nl
Since none of your :443 Virtual Hosts has neither ServerName or ServerAlias configured with websiteZ.nl, then the one from alphabetically first .conf file will be used, which is in this case the one with websiteY cert.
I get slightly crazy :)
I have a domain example.com and I have a SSL certificate for www.example.com
The example.com refers to the IP address of the server (it is an EC2 instance).
In the vhost.conf of the Server I have the following entries
<VirtualHost *:80>
ServerName example.com
Redirect permanent / https://www.example.com/
</VirtualHost>
<VirtualHost _default_:443>
ServerName www.example.com
DocumentRoot /var/www/vhosts/example-wp
SSLEngine On
...
</VirtualHost>
I took the information from the apache wiki.
https://wiki.apache.org/httpd/RedirectSSL
Thanks for helping
Tristan
You already have the necessary directives listed to perform the redirect. You also need to tell the vhost file where your certificate and key for the certificate exist. You also need to say whether or not a directory the user browses to is to load SSL. Please see a full example configuration file below.
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
Redirect / https://www.example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName www.example.com
ServerAlias example.com
ServerAdmin webmaster#local
DocumentRoot /path/to/web/content
DirectoryIndex index.php index.html
ErrorLog logs/error_log
CustomLog logs/access combined
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl.crt/certfile.cer
SSLCertificateKeyFile /etc/apache2/ssl.key/keyfile.key
<Directory "/path/to/web/content/">
Options None
AllowOverride None
Order allow,deny
Allow from all
SSLRequireSSL
</Directory>
</VirtualHost>
When i want to redirect from http to https it's redirect me to an other website on the same server
this is my first website : https://www.linaktob.com
the second website : https://www.fevrok.com
when i login to the first website from https OR 443 works fine
but when i login from http OR port 80 it's redirect to the second website
this is my apache configuration for the first website :
<VirtualHost *:80>
ServerName linaktob.com
DocumentRoot /var/www/linaktob.com/public
Redirect permanent / https://www.linaktob.com/
</VirtualHost>
<VirtualHost *:443>
ServerAdmin admin#linaktob.com
ServerName linaktob.com
ServerAlias www.linaktob.com
DocumentRoot /var/www/linaktob.com/public/
SSLEngine On
SSLCertificateFile /etc/ssl/linaktob/www.linaktob.com.crt
SSLCertificateKeyFile /etc/ssl/linaktob/www.linaktob.com.key
SSLCACertificateFile /etc/ssl/linaktob/www.linaktob.com.ca-bundle
ErrorLog /var/www/linaktob.com/logs/error.log
CustomLog /var/www/linaktob.com/logs/access.log combined
<Directory /var/www/linaktob.com/public/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Your VirtualHost for port 80 is missing a ServerAlias www.linkatob.com.
Because of this, http://www.linkatob.com/:80 will not be served by this VirtualHost but by the default entry - which appears to be your other website.
Add the VirtualHost and you're good.