Apache permanent redirect goes to www automatically - apache

My domain name is example.com without www. So if I put www.example.com then it does not work but example.com works. So I configured apache like this
<VirtualHost *:80>
ServerName example.com
ServerAdmin webmaster#example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAdmin webmaster#example.com
DocumentRoot path/to/project/public
SSLEngine on
SSLCertificateFile /path/to/keys/xxx.crt
SSLCertificateKeyFile /path/to/keys/xxx.key
ErrorLog /var/log/apache2/error_log
CustomLog /var/log/apache2/access_log combined
<Directory "path/to/project/public">
Options FollowSymLinks
Require all granted
</Directory>
</VirtualHost>
Now, as you can see, I do a permanent redirection to https like
Redirect permanent / https://example.com/
But this redirection add www with the domain name by default. So the redirected url becomes https://www.example.com/. Obviously my website can not be accessed from with www since it is registered without www. So please tell me how can make the redirect to work and go to https://example.com/ without the https.

Add an Alias
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
</VirtualHost>
This requires that the www.yourdomain.com points to the same place as yourdomain.com. However the www might not work with your SSL certificate, it depends on the certificates specificity.
I generally allow both on my sites as some people insist on including the www whenever they enter an address.
Apache's documentation can help out with more specifics https://httpd.apache.org/docs/2.2/vhosts/name-based.html
As far as the redirect issue you're having:
Make sure you don't have some RewriteEngine rules that are rewriting your non www requests to www. You might have an .htaccess file in your site directory that is doing the rewrite/redirect.
It might look something like:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://www.%{SERVER_NAME}/$1 [R,L]
Which would mean you should remove the www in the last Rewrite Rule

Related

Apache Virtual Hosts Non-www not working

I'm setting up a Virtual Hosts file on my CentOS 7 box and I'm having trouble getting my domain to resolve correctly.
Here's what my current /etc/httpd/conf.d/vhost.conf file looks like
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster#domain.com
ServerName www.domain.com
ServerAlias domain.com
DocumentRoot /var/www/html/domain.com/public_html/
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.domain.com [OR]
RewriteCond %{SERVER_NAME} =domain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
It seems the the correct redirects are happening. For exmaple:
domain.com redirects to https: //www.domain.com
www works fine
BUT
https: //domain.com doesn't work
http ://domain.com doesn't work
In fact, if I remove the redirects I have set, domain.com ins't working at all, so it looks like the ServerAlias is broken?
I'm wondering if I need another redirect or is there some other step I'm missing?
Also, don't mind the spaces between http and the domain name. StackOverflow made me format it that way.
As presented, no request to anything https will ever work. Normal, you only have a VirtualHost on port 80. You do have a Listen directive for that port right?
For your redirections. It says: if you ask for http://www.example.com or http://example.com, redirect to https://<WHAT THE USER ASKED FOR>. In essence you are forcing your users to use https all the time, no problem there. But you do not have a VirtualHost on port 443, hence no response.
So:
Listen *:80
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
ErrorLog /var/log/httpd/80_error.log
CustomLog /var/log/httpd/80_access.log combined
RewriteEngine on
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>
Listen *:443
<VirtualHost *:443>
ServerName www.example.com
# in case users do directly to https
ServerAlias example.com
DocumentRoot /var/www/html/domain.com/public_html/
DocumentIndex index.html
ErrorLog /var/log/httpd/443_error.log
CustomLog /var/log/httpd/443_access.log combined
# SSL CONFIGURATIONS, TODO!
</VirtualHost>
In your *:443 VH, you will have to configure certificates and SSL.
Your certificates will have to be valid for both www.example.com and example.com to avoid browser complaints.
Careful there might be an ssl.conf included file under conf.d that defines some of this. Make sure you only set it once to avoid confusion.
No need to define DocumentRoot in *:80 VH since it only redirects and does not respond content to client.
Have fun!
I solved the issue. I had my local hosts file configured to point to an old out of date IP address……
domain.com *bad ip address*
I'm so embarrassed. I must have set that up months ago and forgot.

Redirect sub domain A to https domain B

I've tried looking for a post related to my issue but I couldn't find a suitable one. If there is, let me know!
Here's the current situation that I'm facing now. I would like to redirect a domain,
example.hr
that is being used with another server and there's an SSL that comes with it.
Now, I have another server that comes with the domain,
example.co
and there's an SSL cert too.
I would like to redirect test.example.hr to https://example.co. How can I go about to do this? I'm testing it with the subdomain since the root domain is in used.
I've tried this method,
<VirtualHost *:80>
ServerName test.example.hr
ServerAlias www.test.example.hr
Redirect / https://example.co/
</VirtualHost>
<VirtualHost *:443>
ServerName example.co
ServerAlias www.example.co
DocumentRoot /var/www/html
ErrorLog /var/www/html/error.log
CustomLog /var/www/html/access.log combined
</VirtualHost>
The SSL configuration is inside the 443 block.
When I go to test.example.hr, it will change to https://test.example.hr and the error that comes up is "Your connection is not private. Attackers might be trying to steal your information from test.alt.hr (for example, passwords, messages or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID"
Can you try this and update me.
<VirtualHost *:80>
ServerName test.example.hr
ServerAlias www.test.example.hr
Redirect / http://example.co/
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>
<VirtualHost *:443>
ServerName example.co
ServerAlias www.example.co
DocumentRoot /var/www/html
ErrorLog /var/www/html/error.log
CustomLog /var/www/html/access.log combined
</VirtualHost>
make sure to enable a2enmod rewrite

apache redirect HTTPS to canonical HTTPS

I want all access to my website to be forced to HTTPS (https://support.google.com/webmasters/answer/6073543?hl=en).
I also want to force canonical www URL access (https://www.yes-www.org/why-use-www/)
I am attempting to do so according to Apache recommendations using the Redirect directive https://wiki.apache.org/httpd/RedirectSSL and https://httpd.apache.org/docs/2.4/rewrite/remapping.html#canonicalhost
I have a valid lets-encrypt certificate which has both www and the naked domain.
I have configured *:80 and *:443 VirtualHost redirects. /etc/httpd/conf.d/www.example.com.conf:
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
Redirect permanent / https://www.example.com
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/www.example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
SSLCACertificateFile /etc/letsencrypt/live/www.example.com/fullchain.pem
Redirect permanent / https://www.example.com
</VirtualHost>
<VirtualHost *:443>
ServerName www.example.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/www.example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
SSLCACertificateFile /etc/letsencrypt/live/www.example.com/fullchain.pem
DocumentRoot "/var/www/html/www.example.com"
</VirtualHost>
<Directory "/var/www/html/www.example.com">
Order allow,deny
Allow from all
</Directory>
All works well if I specify base URL (example.com, www.example.com, https://example.com, etc). However, if I specify a page on the naked HTTPS request the redirect eats the root slash (https://example.com/index.html becomes https://www.example.comindex.html).
I do it with the following for all non-ssl to ssl -
<VirtualHost *:80>
ServerName example.org
ServerAlias www.example.org
RewriteEngine on
RewriteRule ^/(.*)$ https://www.example.org/$1 [R,L]
</VirtualHost>
Slighly different should do the same for https://example.org only redirecting to www.example.org
<VirtualHost your.ip.add.ress:443>
ServerName example.org
RewriteEngine on
RewriteRule ^/(.*)$ https://www.example.org/$1 [R,L]
*snip*
Normal SSL certificate/key stuff goes here
*snip*
</VirtualHost>
RedirectMatch appears to solve the problem similar to the Rewrite suggested by ivanivan. Changing Redirect line in *:443 VHost section to the following seems to fix the issue:
RedirectMatch permanent ^/?(.*) https://www.example.com/$1
I still don't understand why simple Redirect doesn't work with HTTPS.
As an aside, https://salferrarello.com/chrome-clear-redirect-cache/ was useful disabling Redirect caching in Chrome during testing.

Apache 2.4 url rewriting with https

I'm trying to do an url rewriting with Apache 2.4. I want that requests to
http://subdomain.domain.com
http://www.subdomain.domain.com
https://www.subdomain.domain.com
are remapped to
https://subdomain.domain.com
to avoid an error in SSL wildcard cert that doesn't not match www.subdomain.domain.com.
I tried with:
<VirtualHost ip:80>
ServerName subdomain.domain.com
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<VirtualHost ip:80>
ServerName www.subdomain.domain.com
Redirect permanent / https://subdomain.domain.com
</VirtualHost>
<VirtualHost ip:443>
ServerName www.subdomain.domain.com
Redirect permanent / https://subdomain.domain.com
</VirtualHost>
<VirtualHost ip:443>
ServerName subdomain.domain.com
...
...
...
My configuration works for (1) and (2) but not for (3). Where is my mistake?
I think the problem is that one of your port 443 virtualhosts does not have SSL on.
Try this
<VirtualHost ip:443>
ServerName www.subdomain.domain.com
Redirect permanent / https://subdomain.domain.com
SSLEngine on
SSLCertificateFile /something
SSLCertificateKeyFile /something
</VirtualHost>
Otherwise, the request simply won't be understood, because it's encrypted.
See eg How to redirect https to http without any SSL Certificate for why this is necessary.

Redirect from non-www to www with SSL

I have an Apache server hosting my HTML site. I have it setup currently to be SSL-enabled on www.mysite.com. It will also redirect from http://example.com to https://www.example.com.
However, I am having two issues:
First, I cannot figure out how to redirect:
http://www.example.com to https://www.example.com (not the ssl there)
Second, the www redirect also doesn't occur I navigate to:
https://example.com/
Below is the relevant portions of my httpd.conf file.
<VirtualHost *:80>
ServerName default
ServerAlias *
<IfModule mod_rewrite.c>
RewriteEngine on
# WITH 'www.'
RewriteCond %{HTTP_HOST} !^www.(.*) [nocase]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}$1 [redirect=permanent,nocase,last]
</IfModule>
</VirtualHost>
<VirtualHost *:443>
ServerName www.exampe.com
SSLENGINE on
SSLCertificateFile /etc/pki/tls/signed/my.crt
SSLCertificatekeyFile /etc/pki/tls/signed/my.key.csr
SSLCertificateChainFile /etc/pki/tls/signed/my.ca-bundle
</VirtualHost>
Does anyone have any idea how to modify the above VirtualHost elements to include the https redirect (bullet point 1) and have the redirect enabled for the ssl-enabled, non-www form of the url (bullet point 2)?
For first case remove the IfModule and mod_rewrite mess and add this in the non-SSL virtualhost:
Redirect / https://www.example.com/
For Second case add this in the SSL VirtualHost:
UseCanonicalName on