Apache serves different HTTPS vhost on server, instead of requested vhost

site1.com does not have https enabled and no SSL cert installed.
site2.com does have https enabled.
When a site visitor requests https://site1.com, they receive an SSL certificate mismatch error and if they click 'proceed anyway', they are sent to https://site2.com.
What can I do to either host, to redirect the traffic back to site1.com, while removing the https, since site1.com does not have an SSL cert?
I tried this in the .htaccess file of site2.com
RewriteEngine on
#if the request is actually for site1 forward them to site1
RewriteRule "^site1.com" "http://site1.com" [R]
#if the request is actually for site1 (with www prefix) forward them to site 1
RewriteRule "^www.site1.com" "http://site1.com" [R]

Related

Redirect non-www to www https Apache XAMPP

Please forgive what may sound like a similar question to what has been asked, however, I am VERY new to XAMPP and Apache and I have tried all possible combinations of the Rewrite Rules mentioned in other threads, which I have placed in the httpd.conf, httpd-default.conf and also in .htaccess and I simply cannot get the rewrite rules to work.
I simply want to redirect example.com to www.example.com. Please note that my redirect from HTTP to HTTPS is working 100%, so if someone can please advise on exactly where I should place the rewrite rule, and which one to use, to force non-www to www, I would be most appreciative.
I have full access to the server so I can edit either .conf or .htaccess files. Also I have checked and the part in httpd.conf that allows overrides to read the .htaccess files is enabled. The .htaccess file is currently in the same folder where my website lies. Just to add, I don't get any error, it just says the page has timed out if I type in example.com, if I type www.example.com then the page loads as expected.
Try this in your .htaccess file:
Replace example.com with your url.
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301,NC]
The connection has timed out
This is a DNS or server config error. The request is not even reaching your server, or your server is not responding to the request. (So any attempt to implement a redirect will naturally fail.)
A quick check of the DNS for example.com and www.example.com shows they are pointing to different IP addresses (you have an A record configured for each). The example.com host is 1 digit different and would appear to be incorrect (the IP address does not respond to requests, hence the "time out").
Instead of having a separate A record for each hostname, if the www subdomain is supposed to point to the same site as the domain apex (i.e. example.com), then configure a CNAME record that points www.example.com to example.com (this is not a "redirect").
You then need to ensure that your server will accept requests to the non-www hostname. For example:
ServerName example.com
ServerAlias www.example.com
(It's possible you have the ServerName and ServerAlias reversed - which is "OK".)
And the SSL cert needs to cover the non-www hostname (it does).
You can then implement your non-www to www HTTP redirect as mentioned.

HTTPS breaks on external clients when redirecting HTTP to HTTPS

I'm using Apache 2.4 on Windows Server 2008 R2.
On the server itself and all company-internal clients, HTTP works fine and HTTPS works fine. Redirecting from HTTP to HTTPS also works fine.
On clients outside the company (i.e., a home machine), HTTP works fine and HTTPS works fine. However, redirecting from HTTP to HTTPS is broken.
The error message that appears is as follows: ERR_CERT_AUTHORITY_INVALID.
When this error occurs, if I look at the details of the certificate, they indicate that the certificate is issued to "localhost.localdomain." I haven't found that domain name in my Apache config files. The details also say that the organization of the certificate is our internet service provider and was issued on May 7, 2011 and expires on March 4, 2021. None of these certificate details are true of our actual certificate. Our certificate was issued by Digicert and expires in 2019.
When I use SSL Labs to diagnose, the test doesn't even fully run and the following error message appears:
Certificate name mismatch
Try these other domain names (extracted from the certificates):
localhost.localdomain
These are my VirtualHost configs:
<VirtualHost *:80>
    ServerName www.example.com:80
    ServerAlias example.com:80
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^/?(.*)$ https://www.example.com/$1 [NE,L,R=301]
</VirtualHost>
<VirtualHost *:443>
    ServerName www.example.com:443
    ServerAlias example.com:443
    SSLEngine on
    SSLCertificateFile "C:\https\star_example_com.crt"
    SSLCertificateKeyFile "C:\https\star_example.com.key"
    SSLCertificateChainFile "C:\https\DigiCertCA.crt"
    RewriteEngine On
    RewriteCond %{HTTP_HOST} !^www.example.com$ [NC]
    RewriteRule ^/?(.*)$ https://www.example.com/$1 [NE,L,R=301]
</VirtualHost>
I have also tried redirecting using the following redirect command, but the same thing happens:
Redirect permanent / https://www.example.com/
So, we figured it out. It has very little to do with HTTPS or the redirect.
We have a website failover server that kicks in if it detects that our main site is offline or malfunctioning.
Well, apparently, the failover logic detected 301/302 redirects as failures. The mysterious certificate was being served by the failover server.
We had to change the failover logic to no longer see redirects as failures.

Confirm Traffic between CloudFlare and origin server is encrypted

I'm looking for a method to confirm traffic between an origin server and the CloudFlare CDN is encrypted with HTTPS.
I have a Let's Encrypt SSL cert installed on the origin server and at the CloudFlare CDN, I have CloudFlare's universal free generated SSL cert installed.
With caching activated, the browser sees the CloudFlare SSL cert. With caching deactivated, the browser sees the Let's Encrypt SSL cert. So both certs are working fine. But with caching activated, I can't actually see what's happening between the origin and the CDN.
In CloudFlare I have Full (Strict) SSL activated. Ostensibly this means traffic is encrypted between the origin and CDN. But is there a way to confirm this independently?
One method I know is to use Netstat at the origin to check which port is taking the traffic. Netstat is installed but I don't have root SSH access to it. ss is not installed. I do have Python installed and was able to execute a Hello World python script. I don't have Java installed. wget works and can download files. Is there any other method?
Assuming Apache, modify your VirtualHost, add an entry to check and modify your logs.
Here's an answer, https://serverfault.com/a/359482/266552
Option 2, log the port
Here's an answer from that same thread, https://serverfault.com/a/665620/266552
Option 3, redirect all HTTP requests to HTTPS.
Option 3a, you could use mod_rewrite:
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
# This rule will redirect users from their original location, to the same location but using HTTPS.
# i.e. http://www.example.com/foo/ to https://www.example.com/foo/
# The leading slash is made optional so that this will work either in httpd.conf
# or .htaccess context
https://wiki.apache.org/httpd/RewriteHTTPToHTTPS
Option 3b, an alternative without mod_rewrite:
<VirtualHost *:80>
    ServerName mysite.example.com
    DocumentRoot /usr/local/apache2/htdocs
    Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost _default_:443>
    ServerName mysite.example.com
    DocumentRoot /usr/local/apache2/htdocs
    SSLEngine On
    # etc...
</VirtualHost>
Replace #etc... with the rest of your configuration.
https://wiki.apache.org/httpd/RedirectSSL
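The logging options above come down to recording, per request, the port and whether TLS was in use. As an added example (not part of the answer or the linked threads), this Python script audits such a log for CDN requests that reached the origin without TLS; the LogFormat line, the CDN address ranges and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Assumed Apache log format (not from the page); %{SSL_PROTOCOL}x logs "-" without TLS:
#   LogFormat "%h %{local}p %{SSL_PROTOCOL}x \"%r\" %>s" origincheck
LINE_RE = re.compile(
    r'^(?P<ip>\S+) (?P<port>\d+) (?P<tls>\S+) "(?P<req>[^"]*)" (?P<status>\d{3})$')

# Placeholder ranges (documentation networks); use the CDN's published list instead.
CDN_RANGES = [ipaddress.ip_network("198.51.100.0/24"),
              ipaddress.ip_network("2001:db8::/32")]

# Constructed sample log lines.
SAMPLE_LOG = """\
198.51.100.7 443 TLSv1.3 "GET / HTTP/1.1" 200
198.51.100.9 443 TLSv1.2 "GET /app.css HTTP/1.1" 200
198.51.100.7 80 - "GET /img/logo.png HTTP/1.1" 301
203.0.113.50 80 - "GET / HTTP/1.1" 301
2001:db8::15 443 TLSv1.3 "GET /api HTTP/1.1" 200
this line is malformed
"""

def from_cdn(ip_text):
    """True if the client address falls inside one of the CDN ranges."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False
    return any(ip in net for net in CDN_RANGES)

def audit(log_text):
    """Count CDN requests by transport and list those that arrived without TLS."""
    counts, plaintext = Counter(), []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            counts["unparsed"] += 1
        elif not from_cdn(m["ip"]):
            counts["non_cdn"] += 1
        elif m["tls"] == "-":
            counts["cdn_plaintext"] += 1
            plaintext.append((m["ip"], m["port"], m["req"]))
        else:
            counts["cdn_tls"] += 1
    return counts, plaintext

if __name__ == "__main__":
    counts, plaintext = audit(SAMPLE_LOG)
    print(dict(counts))
    for hit in plaintext:
        print("plaintext request from CDN:", hit)
```

Any non-zero `cdn_plaintext` count means the CDN contacted the origin over HTTP for that request, even if the origin answered with a redirect.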

Purchased SSL for one website but all other websites respond to https

I purchased SSL for one website, but all the other addon domains are working with https, with the content of my SSL site.
Example: https://www.example.com (I purchased SSL for this one)
In the same hosting I have 5 domains like www.domain1.com and so on, but they don't have SSL.
But when I try to open www.domain1.com (without SSL) with https, it works, but with the content of my SSL site, i.e. www.example.com.
I tried with .htaccess but it's not working:
Options +FollowSymlinks -MultiViews
RewriteEngine on
RewriteCond %{SERVER_PORT} =443
RewriteRule . http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
I tried many rules like this, but none of them work.
Ok you've a few problems here.
For a start, if it's serving your incorrect main site then it's not reading your .htaccess file, so that's (one reason) why that won't help.
You must only have one vhost defined for port 443 with the DocumentRoot of your SSL site. You will need to create the same vhosts you have for the port 80 hosts.
You don't explain how you are not getting an SSL error when visiting domains for sites that the cert doesn't cover? Or are you getting it and just ignoring it? And, if so are you OK with that?
Next your rewrite in your .htaccess is wrong as it has port as =443 instead of just 443.
To ultimately solve your problem you need to either get a cert for your other sites, or move them to different IP addresses and/or servers (as detailed in this answer: Multiple domains and SSL : all domains use my SSL certificate but I don't want? )
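The fall-through behind this question and the similar ones on this page, as an added example that is not part of the answer: a simplified Python model of Apache name-based vhost selection that audits a vhost inventory for hostnames with no port 443 vhost of their own. The inventory is constructed, and the model assumes exact-name matching only (no wildcard ServerAlias).

```python
# Simplified model: if no vhost on the port names the requested Host, the
# first vhost defined for that port answers, and its certificate is presented.

# Constructed inventory mirroring the questions on this page.
VHOSTS = [
    {"port": 80,  "names": ["site1.com", "www.site1.com"], "cert": []},
    {"port": 80,  "names": ["site2.com", "www.site2.com"], "cert": []},
    {"port": 443, "names": ["site2.com", "www.site2.com"],
     "cert": ["site2.com", "www.site2.com"]},
]

def cert_covers(host, cert_names):
    """True if a certificate with these names is valid for host."""
    host = host.lower().rstrip(".")
    for name in (n.lower() for n in cert_names):
        if name.startswith("*."):
            # A wildcard matches exactly one left-most label.
            if host.partition(".")[2] == name[2:]:
                return True
        elif name == host:
            return True
    return False

def select_vhost(vhosts, port, host):
    """Vhost that answers for host on port, or None if nothing listens there."""
    on_port = [v for v in vhosts if v["port"] == port]
    for v in on_port:
        if host.lower() in (n.lower() for n in v["names"]):
            return v
    return on_port[0] if on_port else None

def audit(vhosts):
    """For each port-80 hostname: (host, site answering on 443, named match, cert ok)."""
    report = []
    for v in (v for v in vhosts if v["port"] == 80):
        for host in v["names"]:
            served = select_vhost(vhosts, 443, host)
            if served is None:
                report.append((host, None, False, False))
                continue
            named = host.lower() in (n.lower() for n in served["names"])
            report.append((host, served["names"][0], named,
                           cert_covers(host, served["cert"])))
    return report

if __name__ == "__main__":
    for row in audit(VHOSTS):
        print(row)
```

Rows with a named match of `False` are hostnames whose HTTPS requests land on another site's vhost; a cert result of `False` on the same row is the mismatch warning visitors see before any rewrite rule can run.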

Rewrite from https to http

I have 5 sites on one apache server. One of the sites is with SSL. So when the other sites are accessed with https then they are redirected to the SSL site which is incorrect.
E.g.
https://x.com (with SSL)
http://y.com (normal site no SSL)
If I access https://y.com then I get the content from x.com. How can I fix so https://y.com just gets rewritten to http://y.com?
In your .htaccess put:
RewriteCond %{HTTPS} on [NC]
RewriteRule ^(.*)$ http://y.com/$1 [R=301,L]
You can define it in the Apache config file. You must add a rule for connections incoming on the https port.
If you are using Linux, you probably have this config in /etc/apache2/sites-available/default-ssl.
If you don't have this file, you must search for the https virtualhost:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>