I have used the following rule to exclude 200.200.0.17 to be redirected from http to https, but its requests (from 200.200.0.17) are still being redirected to https. Any help will be appreciated.
<VirtualHost _default_:80>
# If mod_rewrite is present, it takes precedence over mod_alias
# and it is necessary to rewrite the request to https.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^200.200.0.17
RewriteRule (.*) https://%{HTTP_HOST}$1
</IfModule>
# Otherwise use mod_alias to redirect.
Redirect / https://%{HTTP_HOST}/
</VirtualHost>
After the first rule is executed, the second one is also executed. To prevent this from happening, use the last flag. Change the line in your code:
RewriteRule (.*) https://%{HTTP_HOST}$1 [L]
See: https://httpd.apache.org/docs/2.4/rewrite/flags.htm
It's because you have the alternative redirect set up, remove:
Redirect / https://%{HTTP_HOST}/
Or it will just keep redirecting that IP after the first rule ignores it.
Related
I have already tried different solutions from other threads but somehow none is working. So I have a domain called my-domain.com and I want that all http requests to http://my-domain.com or http:///*.my-domain.com are redirected to the corresponding https page. In the folder /etc/apache2/sites-enabled/ I have a configuration file which looks like this:
<VirtualHost *:80>
ServerName my-domain.com
ServerAlias *.my-domain.com
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(.+)\.my-domain\.com$
RewriteRule ^(.*)$ https://%1.my-domain.com/$1 [R=302,L]
</VirtualHost>
But still there are no redirects. All requests are failing because of a timeout. Is there something I am missing?
In your RewriteRule, the %1 is not doing what you think it will be doing.
# bad
RewriteRule ^(.*)$ https://%1.my-domain.com/$1 [R=302,L]
Try this:
# good
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
What we are doing here is taking ANY request that is NOT HTTPS, and rewriting it. We don't care about looking at the %{HTTP_HOST}, nor the %{REQUEST_URI}, because we will just use them blindly.
This is a "blind forward" to HTTPS. I don't care what you asked for, but since you did it over HTTP, you will have to do it over HTTPS.
At that point, it becomes a different rule to redirect further.
Additionally, 302 is a temporary redirect. You may wish to consider a 301, for a permanent redirect across ports.
I have a SSL on my site and would like to redirect all my http pages to https
I find something below and work for www.yourdomain.com.
If I also need transfer all yourdomain.com(without www) to https what should I add to htaccess? Thanks!
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]
<!-- Please put the redirect without www here, thanks-->
A simple Google search reveals hundreds of results. For example, this official FAQ.
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
# This rule will redirect users from their original location, to the same location but using HTTPS.
# i.e. http://www.example.com/foo/ to https://www.example.com/foo/
# The leading slash is made optional so that this will work either in httpd.conf
# or .htaccess context
Really racking my brain over this one. I need to always force 'https' whenever a user requests 'http' on my site, but at the same time I need to proxy pass from Apache to Tomcat (over http). I can't get these two pieces to work in tandem.
I have the https redirect defined here in httpd.conf:
<VirtualHost *:80> ServerName myserver.foo.com
Redirect / https://myserver.foo.com/
</VirtualHost>
Then for the proxy:
RewriteEngine on
RewriteLog /opt/HTTPServer/logs/rewrite_log
RewriteLogLevel 9
RewriteRule ^/testnew/MyApp(.*)$ http://localhost:8080/test/MyApp$1?product=new [NC,P,QSA]
RewriteRule ^/testold/MyApp(.*)$ http://localhost:8080/test/MyApp$1?product=old [NC,P,QSA]
Note: This does actually work if I use ProxyPass instead, but I need to be able to add additional GET parameters to the request, hence the use of the [P] flag approach here.
So when I hit the following URL, I get the Apache HTTP Server page which reads "Not Found".
http://myserver.foo.com/testnew/MyApp/RunReport
In the access log, there's a 404
[10/Nov/2014:01:45:21 -0600] "GET /testnew/MyApp/RunReport HTTP/1.1" 404 321
Also, nothing gets written to the rewrite log.
As I understand it, RewriteRules will execute BEFORE Redirect, so even if the above URL did work (and I don't understand why it doesn't), it wouldn't get redirected from http to https. So how can I accomplish this?
I also tried this using only RewriteRules:
RewriteEngine on
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301]
RewriteRule ^/testnew/MyApp(.*)$ http://localhost:8080/test/MyApp$1?product=new [NC,P,QSA]
RewriteRule ^/testold/MyApp(.*)$ http://localhost:8080/test/MyApp$1?product=old [NC,P,QSA]
However with this, the URL gets translated to include the https scheme and hostname after the 1st redirect, so the subsequent RewriteRules fail to match. If I add the full 'https://myserver.foo.com' to the RewriteRule, it matches, but then the full URL gets translated back to http via the proxy.
I can't win! This seems to me like it would be a fairly common configuration. Did I completely miss something? I've been looking at this too long.
I was able to get this to work by moving the proxy RewriteRules under the *:443 VirtualHost and leaving the http -> https ones at the global level, i.e.
Listen 443
<VirtualHost *:443>
SSLEnable
SSLClientAuth None
RewriteEngine On
RewriteLog /opt/HTTPServer/logs/rewrite_log-443
RewriteLogLevel 9
RewriteRule ^/testnew/MyApp(.*)$ http://localhost:8080/test/MyApp$1?product=new [NC,P,QSA]
</VirtualHost>
...
...
RewriteEngine on
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301]
Works beautifully now. :)
Im having this htaccess code
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} on [AND]
RewriteCond %{REQUEST_URI} /products-page/bathroom-amenities/nourish-a-spa-line/
RewriteRule (.*) http://%{HTTP_HOST}/bathroom-amenities/286-nourish.html
</IfModule>
what this does is to redirect the user from:
https://www.mydomain.com/products-page/bathroom-amenities/nourish-a-spa-line/
to:
http://www.mydomain.com:443/bathroom-amenities/286-nourish.html
This Code is redirecting from a https URL to a http URL, but for this to work I need to remove the port from the result URL.
Can anyone help me with this?
User SERVER_NAME instead of HTTP_HOST
Be careful with the use of UseCanonicalName setting, most likely you want to have it set to Off
I am trying to configure my Apache 2.2 version to use a 301 permanent redirect when someone types my url without the www. I want to configure this in the httpd.conf and not using .htaccess if possible. I have tried using Redirect permanent but the first variable has to be a directory and not a url. Any ideas how to configure boom.com requests to be redirected to www.boom.com using a 301 redirect in Apache? Thanks
Add the following:
# Canonical hostnames
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.boom\.com [NC]
RewriteCond %{HTTP_HOST} !=""
RewriteRule ^/(.*) http://www.boom.com/$1 [L,R=301]
This will redirect all request which don't match www.boom.com to www.boom.com, with the same query path. (For example, boom.com/foo?foo=bar will be redirect to www.boom.com/foo?foo=bar).
If you have named virtual hosts you could put the extra RewriteCond entries #tux21b gave inside to isolate them. Also if you have mod_alias you could try this which should do the same thing:
<VirtualHost boom.com:80>
RedirectMatch permanent /.* http://www.boom.com$0
</VirtualHost>
I'm sure someone will comment if there's a reason to use one over the other.