Amazon ELB and Apache trailing slash issue - apache

Actually I've an amazon ELB configured ONLY with rule HTTPS 443 --> HTTP 80. I cannot open the HTTP (port 80) on ELB for contract reasons.
I see that for all client requests in https without training slash the apache for some unknown reasons redirect it in http with training slash:
https://host/site --> redirect to http://host/site/ (doesn't work)
I see different questions about this problem and seems that all people solve opening HTTP on ELB (it add some header informations as well as X-Forwarded-Proto "https")
And they apply these Rewrite rules:
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]
to get it working behind an AWS Elastic Load Balancer.
For me this automatic apache redirect when is missing the trailing slash on the the URL is not clear (for my understanding apache when see an URL without trailing slash that point to a dir, redirect it adding trailing slash)
Is there an alternative way to solve this problem WITHOUT open HTTP on Amazon ELB?

Related

Redirect to https version on a DNS level with AWS?

Since Cloudflare has the option to redirect all http:// traffic to https:// with the setting "Always Use HTTPS", does AWS have the same feature?
I'm using Route 53 and EC2. I want to redirect http to https (SSL) on a DNS level, so it doesn't hit my server and put server load.
This is my .htaccess code:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
I want to redirect http to https (SSL) on a DNS level
The DNS level only cares about mapping between names and IP addresses (at least the part relevant for this question). It is impossible to make the browser use a different application protocol (HTTPS vs HTTP) and/or port (443 vs 80) at the DNS level.
If you use CloudFront with Route53 you can achieve this functionality:
Or you can use route53 with an elastic load balancer to redirect http to https traffic.

301 Redirect from http to https same page name

checked the Forum but could not find an ideal answer. I have recently installed a SSL Certificate on my site and in the process of creating 301 redirects via the .htaccess file for nearly 400 page urls (to keep Google happy). I thought of using;
redirect 301 /contact.php https://www.mydomainname.co.uk/contact.php
but it breaks the site. The only solution I have seen is;
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^contact\.php$ https://www.mydomainname.co.uk/contact.php [L,R=301]
The above seems a lot of code to use for each of the 400 pages! is there a quicker way with less code I can use in the .htaccess file?
Many thanks. Hope someone can advise.
There are two basic ways of redirecting pages with Apache: Redirect (of mod_alias) and RewriteRule etc. (of mod_rewrite).
Redirect is very simple: it will just redirect a single URL to another. It can be useful sometimes, but it's usefulness is limited to its simplicity: in the case of HTTP-to-HTTPS redirection, it can't differentiate between HTTP and HTTPS connections, so it will just try to redirect to HTTPS even if you're already on HTTPS (and thus you end up in an infinite redirect loop).
RewriteRule, on the other hand, is more advanced and flexible. You can use RewriteCond to conditionally redirect requests; in your case, you'd want to redirect requests only if they're on a HTTP connection.
As you mentioned, you want to redirect to HTTPS for many (I presume all) requests; you can easily do this with only a single rule:
# Enable rewrites
RewriteEngine on
# Only run next RewriteRule on HTTP connections (not HTTPS)
RewriteCond ${HTTPS} off
# Redirect any page to the same URL with https:// schema
RewriteRule (.*) https://${SERVER_NAME}/$1 [L,R=301]
(The ${SERVER_NAME} variable will automatically be equal to your domain name, so you can even use this on web servers with multiple domain names.)

HTTPS redirection on AWS ELB

We have web servers running Apache behind an AWS ELB. I have setup the ELB to accept HTTPS connections, and send the requests over HTTP to the webservers. This works fine.
I have also redirected all the requests to ELB from HTTP to HTTPS using HTTP:X-Forwarded-Proto.
I have added the below virtualhost section to my httpd.conf file and restarted Apache. This setup is redirecting HTTP requests to HTTPS but it is landing on the Apache home page instead of the expected site.
ServerName www.myexample.com
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule !/index.html https://%{SERVER_NAME}/%{REQUEST_URI} [R=301,L]
The configuration seems to be simple and straightforward but not working.
Please let me know what is wrong in the above setup and why is it landing on the Apache home page.
You should escape the . in your rewrite rule. Change your Rewrite to be:
RewriteRule "!/index\.html" https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Also, as in the comment to your OP Remove the slash between %{HTTP_HOST}%{REQUEST_URI}

apache alternate port and mod_dir trailing slash with port rewrite

I have Apache listening on an alternate port (8000) behind a proxy on the same system (node.js), which is listening on port 80. All works well, except that mod_dir in Apache will rewrite trailing slashes by default, and is appending the port in the location header.
In other words, I am able to load the Apache web page just fine, but when I click a link in the page that points to a directory, I get a 301 from Apache, with the location header like so:
Location: www.example.com:8000/_my_path/
Apache is just innocently handing out the port, because it doesn't know any better, but I need it to stop added the port. mod_rewrite seems to be the correct approach, but I am not sure about the following:
Which triggers first, mod_rewrite or mod_dir?
Do I need to disable mod_dir and then try to compensate for all of it's behavior with mod_rewrite?
Is there a better way that I missed?
Server version: Apache/2.2.22 (Debian)
Adding the following to my directive resolved the issue:
RewriteEngine On
RewriteCond $1 !/$
RewriteCond %{REQUEST_FILENAME}/ -d
RewriteRule (.+) http://www.example.com/$1/ [R=301,L]
I would post the links where I gleaned this information from, but apparently I don't have enough "reputation"... :/

Redirect from https to http url stored from google

in a search from google , i found my domain url with https and not http .
For example : https://xxxx.com/yyyy/zzzz and not http://xxxx.com/yyyy/zzzz
It's possible redirect from https to http for the domain xxxx.com ?
I use centos and apache web server
On the same server, i have a certificate https that respond to https://zzzz.com
Thanks
Carlo
This will work with mod_rewrite on. Put this code in .htaccess file at root of the site.
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}