forcing Codeigniter HMVC to use SSL - apache

I have a website built with CodeIgniter HMVC. On my local machine using WAMP it runs like it should. I want to upload it to my web server that has an SSL certificate.
No matter what I try, I can't get the website to run on my web server. I have tried following this:
How to force ssl in codeigniter?
But none of the given solutions work in my situation.
My .htaccess file looks like this:
Options +FollowSymLinks
Options -Indexes
DirectoryIndex index.php
RewriteEngine on
RewriteCond $1 !^(index\.php|images|robots\.txt)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L,QSA]
In config.php of CodeIgniter I have:
$config['base_url'] = 'https://www.example.com/';
My web server is an Ubuntu 16 machine with Apache, using a Let's Encrypt certificate. mod_rewrite is enabled, but besides that it is a standard configuration.
I have tried redirecting with hooks as mentioned in the link above, but to no avail. I have also tried various .htaccess file configurations, but also no result there.
Is there anyone who has this running on their server?
regards,
sander

Because you say,
my webserver is an ubuntu 16 machine
I assume you are not using a shared server from a hosting provider and so you have complete access to Apache's configuration files. If that is true then you should not use .htaccess files. Read THIS and THIS to learn why.
I also assume you have a set of Apache "sites-available" files that define <VirtualHost> configs. It is inside those <VirtualHost> blocks where you should be placing the code you currently have in .htaccess.
To redirect all http requests to https try this as the contents of the "default" site in a "sites-available" configuration file e.g. "000-default.conf"
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
RedirectMatch 301 (.*) https://www.example.com$1
</VirtualHost>
What this will do is take any http request and immediately redirect to the https: URL. If you are using some other port besides the typical :80, adjust accordingly.
As mentioned, you can do the rewriting in a VirtualHost. Here's an example for the https: config file (maybe named along the lines of "020-example-443.conf")
<VirtualHost *:443>
ServerName www.example.com
ServerAlias example.com
DocumentRoot /var/www/whatever
ServerAdmin web-boss@example.com
<Directory /var/www/whatever>
DirectoryIndex index.php
Options -Indexes +FollowSymLinks
AllowOverride All
Require all granted
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [PT]
</Directory>
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# Certificates delivered by certbot - yours may be elsewhere
SSLCertificateFile /etc/letsencrypt/live/yoursite/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yoursite/privkey.pem
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
With these in place, you won't have to do anything special in CodeIgniter except, as you already do, use the following
$config['base_url'] = 'https://www.example.com/';

You must add after RewriteEngine on
<IfModule mod_ssl.c>
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

Related

Only the landing page load HTTPS all other pages I get The requested URL was not found on this server

My site works fine on http but using https with a valid certificate will only load the landing page successfully. Trying to hit any other page results in URL not found.
I have a clone of the site on the same server with a different site name (test.mysite.com) working with a self-signed certificate on https. Not sure why one works and the other doesn't.
The Apache conf files are the same (except site names).
Is it something with the cert file? I set up the self signed one but someone else set up the paid one.
Where do I look?
/public/.htaccess
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Redirect Trailing Slashes...
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
php_value max_input_vars 10000
php_value suhosin.get.max_vars 10000
php_value suhosin.post.max_vars 10000
php_value suhosin.request.max_vars 10000
site.conf
<VirtualHost *:80>
ServerAdmin webmaster@mysite.ca
ServerName registration.mysite.ca
# Indexes + Directory Root.
DirectoryIndex index.php index.html
DocumentRoot /var/www/html/registration.mysite.ca/public
# SSL certs
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/registration.mysite.ca.crt
SSLCertificateKeyFile /etc/apache2/ssl/registration.mysite.ca.key
SSLCACertificateFile /etc/apache2/ssl/gd_bundle-g2-g1.crt
<IfModule mod_security2.c>
SecRequestBodyNoFilesLimit 5242880
</IfModule>
<Directory /var/www/html/registration.mysite.ca/public/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
SSLEngine on in <VirtualHost *:80> is pretty much useless because port 80 will never serve SSL content, so your certificate is definitely not used here.
You must have another <VirtualHost *:443> somewhere, potentially with a different DocumentRoot.
When you load css/js/images are you using src="http://registration.mysite.ca" ? If so change it to src="//registration.mysite.ca" and it should work.
As this is tagged Laravel, I suggest using Laravel Forge to take care of everything like this. Big help for me. As for the question at hand, ensure that the virtual host is set to 443 and then force redirect all traffic to https.
Just add this into apache site config and change the domain. (note HTTPS)
<VirtualHost *:80>
ServerName example.com
Redirect / https://example.com/
</VirtualHost>

Redirect all to https://www.example.com

OK, so I know that nearly every variety of this question has been asked and answered on this forum, and many others, but I just can't seem to get it right. My hope is that if I provide enough specifics, including the process I'm following, that someone will be able to spot my error and correct me. Here goes!
The Specifics
Drupal multi-site
Apache web server
Sites provisioned by Aegir
What I want to accomplish vs what I have accomplished
I want to direct all http and https traffic to https://www.example.com. The following examples marked with a + have been accomplished; the one marked with - eludes me:
+ http://example.com -> https://www.example.com
+ http://www.example.com -> https://www.example.com
+ https://www.example.com -> https://www.example.com #redundant, but at least we know it works
- https://example.com -> https://www.example.com
What I'm doing
Each site has a vhost file generated by Aegir, and each of these vhost files contains two VirtualHost directives:
<VirtualHost 0.0.0.0:443>
<VirtualHost *:80>
I've modified example.com's vhost file to include the following code under the <VirtualHost *:80> directive, which has successfully achieved the three working examples above:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule (.*) https://www.example.com$1 [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</IfModule>
The Problem
What I can't seem to figure out is how to enact the https://example.com -> https://www.example.com rewrite. I've tried many examples found on the Internet under both the <VirtualHost 0.0.0.0:443> and <VirtualHost *:80> directives with no luck.
Also, I'm reloading Apache and clearing my browser's cache after each edit of the vhost file. Any insight, guidance or correction would be much appreciated.
Thanks to all!
Edit:
Below is a redacted version of my vhost file:
<VirtualHost 0.0.0.0:443>
DocumentRoot /var/www/drupal
ServerName example
SetEnv db_type mysql
SetEnv db_name example
SetEnv db_user example
SetEnv db_passwd 1234567
SetEnv db_host somedb
SetEnv db_port 1234
# Enable SSL handling.
SSLEngine on
SSLCertificateFile /ssl.d/example/example.crt
SSLCertificateKeyFile /ssl.d/example/example.key
SSLCertificateChainFile /ssl.d/example/example_chain.crt
ServerAlias example.com
ServerAlias www.example.com
<IfModule mod_rewrite.c>
RewriteEngine on
# this isn't working; neither has anything else that I've tried here.
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
# Extra configuration from modules:
# Error handler for Drupal > 4.6.7
<Directory "/var/www/drupal/sites/example/files">
<Files *>
SetHandler This_is_a_Drupal_security_line_do_not_remove
</Files>
Options None
Options +FollowSymLinks
# If we know how to do it safely, disable the PHP engine entirely.
<IfModule mod_php5.c>
php_flag engine off
</IfModule>
</Directory>
# Prevent direct reading of files in the private dir.
# This is for Drupal7 compatibility, which would normally drop
# a .htaccess in those directories, but we explicitly ignore those
<Directory "/var/www/drupal/sites/example/private/" >
<Files *>
SetHandler This_is_a_Drupal_security_line_do_not_remove
</Files>
Deny from all
Options None
Options +FollowSymLinks
# If we know how to do it safely, disable the PHP engine entirely.
<IfModule mod_php5.c>
php_flag engine off
</IfModule>
</Directory>
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /var/www/drupal
ServerName example
SetEnv db_type mysql
SetEnv db_name example
SetEnv db_user example
SetEnv db_passwd 1234567
SetEnv db_host somedb
SetEnv db_port 1234
ServerAlias example.com
ServerAlias www.example.com
<IfModule mod_rewrite.c>
# these rules work for everything except:
# https://example.com -> https://www.example.com
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule (.*) https://www.example.com$1 [R=301,L]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</IfModule>
# Extra configuration from modules:
# Error handler for Drupal > 4.6.7
<Directory "/var/www/drupal/sites/example/files">
<Files *>
SetHandler This_is_a_Drupal_security_line_do_not_remove
</Files>
Options None
Options +FollowSymLinks
# If we know how to do it safely, disable the PHP engine entirely.
<IfModule mod_php5.c>
php_flag engine off
</IfModule>
</Directory>
# Prevent direct reading of files in the private dir.
# This is for Drupal7 compatibility, which would normally drop
# a .htaccess in those directories, but we explicitly ignore those
<Directory "/var/www/drupal/sites/example/private/" >
<Files *>
SetHandler This_is_a_Drupal_security_line_do_not_remove
</Files>
Deny from all
Options None
Options +FollowSymLinks
# If we know how to do it safely, disable the PHP engine entirely.
<IfModule mod_php5.c>
php_flag engine off
</IfModule>
</Directory>
</VirtualHost>
OK now I get it with the content of your virtualhost.
This is not valid:
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Actually you can't use %{HTTP_HOST} or %{REQUEST_URI} in the RewriteRule part
That's why it's redirecting you to a non-existent host, hence the connection refused error.
You should use this rule in the ssl virtualhost:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule (.*) https://www.example.com$1 [R=301,L]
And this one in the non ssl one:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://www.example.com$1 [R=301,L]
HTH
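To confirm that all four entry points from the question end at the canonical host, the redirect chain of each one can be audited. This is an added example, not code from the question or the answer; `make_fetch` is a constructed stand-in for the server so the check runs offline, and all function names are assumptions.

```python
from urllib.parse import urlsplit

CANONICAL = "https://www.example.com"
ENTRY_POINTS = [
    "http://example.com/", "http://www.example.com/",
    "https://www.example.com/", "https://example.com/",
]


def follow(url, fetch, max_hops=5):
    """Follow redirects by hand; fetch(url) returns (status, location_or_None)."""
    chain = [url]
    for _ in range(max_hops):
        status, location = fetch(url)
        if status not in (301, 302, 307, 308) or not location:
            return chain, status
        url = location
        chain.append(url)
    return chain, None  # gave up: loop or chain too long


def audit(fetch, entry_points=ENTRY_POINTS, canonical=CANONICAL):
    """Return {entry_url: problem} for every entry point that misbehaves."""
    problems = {}
    for entry in entry_points:
        chain, status = follow(entry, fetch)
        final = urlsplit(chain[-1])
        if status is None:
            problems[entry] = "redirect loop or chain too long"
        elif f"{final.scheme}://{final.netloc}" != canonical:
            problems[entry] = f"ends at {chain[-1]} instead of {canonical}"
        elif any(urlsplit(hop).scheme != "https" for hop in chain[1:]):
            problems[entry] = "chain passes through plain http"
    return problems


def make_fetch(redirect_apex_on_443):
    """Constructed model of the two vhosts (not a real HTTP client).

    Port 80 always redirects to the canonical host, as in the answer's
    non-SSL rule; the 443 apex redirect exists only when the flag is set.
    """
    def fetch(url):
        u = urlsplit(url)
        if u.scheme == "http":
            return 301, CANONICAL + u.path
        if u.netloc == "example.com" and redirect_apex_on_443:
            return 301, CANONICAL + u.path
        return 200, None
    return fetch


if __name__ == "__main__":
    print("without 443 apex rule:", audit(make_fetch(False)))
    print("with 443 apex rule:   ", audit(make_fetch(True)))
```

For a live check, pass `audit` a `fetch` built on `http.client` that issues a HEAD request and returns the status and `Location` header without following redirects.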

vHost redirect not working at all

Goal: Redirecting every request to index.php except the files and folders (and their content) listed in the RewriteCond.
A friend did set up the server with me, but hadn't any time to fix this bug yet. The page automatically ends up at HTTPS.
When using this as 000-default.conf (/etc/apache2/sites-enabled/000-default.conf), the page just doesn't redirect to index.php. For example: Accessing www.page.com/uploads/38 works, although it should redirect to www.page.com/index.php. That's quite annoying as I'm emulating a filesystem and don't want to allow access to the files, at least not that way.
a2ensite 000-default.conf: Site 000-default.conf is already enabled
a2enmod rewrite: Module rewrite already enabled
This is my 000-default.conf:
<VirtualHost *:80>
ServerAdmin root@page.com
DocumentRoot /var/www/default
ServerName www.page.com
ServerAlias page.com
RewriteEngine On
<Location />
RewriteBase /
Options -Indexes
Options +FollowSymlinks
RewriteEngine On
RewriteCond %{REQUEST_URI} !^(index\.php|css|fonts|gfx|js|favicon\.ico)
RewriteRule ^(.*)$ index.php [L,QSA]
</Location>
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/default_error.log
CustomLog ${APACHE_LOG_DIR}/default_access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerAdmin root@page.com
DocumentRoot /var/www/default
ServerName www.page.com
ServerAlias page.com
RewriteEngine On
<Location />
RewriteBase /
Options -Indexes
Options +FollowSymlinks
RewriteCond %{REQUEST_URI} !^(index\.php|css|fonts|gfx|js|favicon\.ico)
RewriteRule ^(.*)$ index.php [L,QSA]
</Location>
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/default_error.log
CustomLog ${APACHE_LOG_DIR}/default_access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/page.com.crt
SSLCertificateKeyFile /etc/ssl/page.com.key
SSLCertificateChainFile /etc/ssl/comodo-ca.crt
</VirtualHost>
When looking at default_error.log, I often find stuff like this:
Request exceeded the limit of 10 internal redirects due to probable configuration error.
And also:
RSA server certificate CommonName (CN) `page.com' does NOT match server name!?
Thanks in advance.
The %{REQUEST_URI} variable starts with a /; your regex doesn't, so that condition will always be true, including when the URI gets rewritten to /index.php. This is causing the loop.
Replace the block with:
RewriteBase /
Options -Indexes
Options +FollowSymlinks
RewriteEngine On
RewriteCond $1 !^(index\.php|css|fonts|gfx|js|favicon\.ico)
RewriteRule ^(.*)$ index.php [L,QSA]
Additionally, I'm guessing you've bought a certificate for the name "page.com", not "www.page.com", which means when you go to "www.page.com" and the browser sees a certificate for "page.com", it'll throw an exception. You need a cert for "www.page.com" (and optionally with "page.com" as an alternate name).
EDIT
Hmm, this didn't work for me either inside the <Location /> container. But this worked outside of the container by itself:
RewriteEngine On
RewriteCond $1 !^(index\.php|css|fonts|gfx|js|favicon\.ico)
RewriteRule ^/(.*)$ /index.php [L,R]
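The loop this answer describes can be reproduced outside Apache. The following Python model is an added example, not code from the question or the answer; it simplifies per-directory rule processing to "every rewrite restarts the rules", and the `ANCHORED` and `STRICT` patterns are assumptions rather than configurations from the page.

```python
import re

# Limit named in the error log line quoted in the question.
MAX_INTERNAL_REDIRECTS = 10

# Condition pattern as posted in the question: no leading slash.
POSTED = r"^(index\.php|css|fonts|gfx|js|favicon\.ico)"
# Assumed variant: same list, anchored on the leading slash of REQUEST_URI.
ANCHORED = r"^/(index\.php|css|fonts|gfx|js|favicon\.ico)"
# Assumed tighter variant: exact files, and directories only with a trailing
# slash, so a path such as /js-private/ is not exempted by prefix match.
STRICT = r"^/(index\.php|favicon\.ico)$|^/(css|fonts|gfx|js)/"


def rewrite_once(uri, exclude_pattern):
    """Model 'RewriteCond %{REQUEST_URI} !pattern' + 'RewriteRule ^(.*)$ index.php'.

    Returns the rewritten URI, or None when the negated condition is false
    and the rule is therefore skipped.
    """
    if re.search(exclude_pattern, uri):
        return None
    return "/index.php"  # RewriteBase / plus the substitution index.php


def resolve(uri, exclude_pattern):
    """Re-run the rule after every rewrite, as per-directory rewriting does.

    Returns (final_uri, internal_redirects). final_uri is None once the
    redirect limit is exceeded, which is when Apache logs the error above.
    """
    redirects = 0
    while True:
        target = rewrite_once(uri, exclude_pattern)
        if target is None:
            return uri, redirects
        redirects += 1
        if redirects > MAX_INTERNAL_REDIRECTS:
            return None, redirects
        uri = target


if __name__ == "__main__":
    for name, pattern in (("posted", POSTED), ("anchored", ANCHORED), ("strict", STRICT)):
        for uri in ("/uploads/38", "/css/site.css", "/js-private/key.txt"):
            print(f"{name:9} {uri:22} -> {resolve(uri, pattern)}")
```

The exclusion list is effectively the set of paths served without passing through index.php, so the difference between `ANCHORED` and `STRICT` decides whether neighbouring paths that merely share a prefix are reachable directly.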

Codeigniter controller in subdirectory not working in virtual host

I need help with CodeIgniter -- trying to get it to work in a virtual host environment in Ampps.
I have been following the following tutorial:
http://net.tutsplus.com/tutorials/php/basecamp-style-subdomains-with-codeigniter/
I am trying to have two installations of CodeIgniter running in two directories:
/students and
/teachers
www.test.com -> goes to /teachers directory
www.user1.test.com -> goes to /students directory
I have the above working on my local machine. The different URL's take me to the correct directory. CI works. Problem arises when I try to access controller using redirect.
if I try to redirect('error') I get:
user2.test.com/user2.test.com/error
Also get an "internal server error"
if I type in
user2.test.com/error
I get an "internal server error"
if I type in
user2.test.com/index.php/error
I get desired result
It works if I try to load view directly in
$this->load->view('error')
I think I need help with the urls and paths. Any guidance most gratefully received.
Nothing particularly enlightening in CI log files
In Apache logs I find:
Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
Things I have changed:
htaccess in root - changed rewrite base. Also takes out index.php
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /students/
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ index.php?/$1 [L]
RewriteCond %{REQUEST_URI} ^application.*
RewriteRule ^(.*)$ index.php?/$1 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?$1 [L]
</IfModule>
<IfModule !mod_rewrite.c>
ErrorDocument 404 index.php
</IfModule>
application/config.php
$config['base_url'] = $_SERVER['HTTP_HOST'];
As per tutorial. Needs to be dynamic.
My Apache httpd-vhosts.conf file
NameVirtualHost 127.0.0.1:80
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot "C:/Program Files/Ampps/www/teachers"
ServerName test.com
ServerAlias test.com
<Directory "C:/Program Files/Ampps/www/teachers">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "C:/Program Files/Ampps/www/students"
ServerName test.com
ServerAlias *.test.com
<Directory "C:/Program Files/Ampps/www/students">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
index.php in root
kept as is. Things got worse when I tried to change these
$system_path = 'system';
$application_folder = 'application';
What about your host file? Your host file should be 127.0.0.1 test.com. First try to disable the student subdomain and see if it does work. It looks like both of your ServerName test.com entries are the same; try to change the other one to student.com and see what happens. Most probably both are conflicting.

Redirect address with folder structure to https?

I want to make sure all my traffic is on SSL even if they type http. But I also want it to pass the folders so mod_rewrite will still work. I tried this poor example but it does not work. Basically, if they type http://mydomain.com/apage it will redirect to https://mydomain.com/apage.
Server: Apache2, LAMP stack.
.htaccess
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^(/) https://%{HTTP_HOST}%{REQUEST_URI} [NC,R=301,L]
I am open to tweaking a virtual host files for Apache but I have not seen it done like that before. This is my first adventure into ssl hosting.
Just replacing http with https
RewriteCond %{HTTPS} !on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
I suggest not using mod_rewrite or htaccess if you have access to httpd.conf.
If you want to force all users to use https (a good idea) you can add something like this to httpd.conf:
<VirtualHost 1.2.3.4:80>
ServerName SSL.EXAMPLE.COM
CustomLog /var/log/httpd/EXAMPLE.access_log combined
ErrorLog /var/log/httpd/EXAMPLE.error_log
Redirect / https://ssl.example.com/
</VirtualHost>
<VirtualHost 1.2.3.4:443>
ServerName ssl.example.com
DocumentRoot /var/www/html
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM
.
.
.
</VirtualHost>
<Directory /var/www/html>
#If all else fails, this will ensure nothing can get in without being encrypted.
SSLRequireSSL
</Directory>