I am trying to redirect ME.com or www.ME dot com to https://NOTME dot com.
The code below works but when i type https://ME dot com it doesn't go to https://NOTME dot com. i get an error that page is unsecure.
code below:
<VirtualHost *:80>
ServerAdmin admin#ME dot com
ServerName ME dot com
ServerAlias www dot ME dot com
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www dot ME dot com
RewriteRule ^/(.*)$ http://NOTME dot com/$1 [L,R=301]
Redirect permanent / https://NOTME dot com/
DocumentRoot /var/www/xxx/xxx/
<Directory />
Options FollowSymLinks
AllowOverride all
</Directory>
<Directory /var/www/xxxx/xxxxx/>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
Also note that i set ME.com had an https certificate that i removed which was set at virtual host port 443. Can i also still return the certificate to it?
Also both ME.com and NOTME.com are on the same server IP.
This is how i solved this problem:
<VirtualHost *:443>
ServerAdmin x#ME.com
ServerName ME.com
ServerAlias www.ME.com
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^www.ME.COM/$
RewriteRule ^/(.*)$ https://NOTME.COM/$1 [L,R=301]
Redirect permanent / https://NOTME.COM/
SSLEngine on
SSLCertificateFile /xxxxxxxxxxxx.crt
SSLCertificateKeyFile /xxxxxxxxxxxx.key
SSLCertificateChainFile /xxxxxxxxxxxxxx.crt
Actually the solution was a permanent redirect to NOTME dot com
We have an angular app with an apache server which uses .htaccess to rewrite requests to /index.html using
RewriteRule . /index.html [L]
But for a few paths, we want to use /whatever to route to a different domain. However, adding
ProxyPass /whatever whatever.site.com
to sites-enabled doesn't seem to override the .htaccess.
That full file looks like
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www
ProxyPass /whatever https://whatever.com
ProxyPassReverse /whatever https://whatever.com
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Any suggestions?
Also, I know for sure that the sites-enabled file above is being used because if I put garbage-text into it the site crashes ;)
Your quoted virtualhost is probably not used for your test request, because proxy would always bypass mod_rewrite rules specified in .htaccess.
Maybe apachectl -S would give you a hint about which vhosts are present / being used. I see this vhost has no ServerName, so unless it's the first or only *:80 it will probably never be used.
I followed this guide to get a free SSL certificate from StartSSL: https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-with-a-free-signed-ssl-certificate-on-a-vps
I followed it step by step but I don't actually understand it fully as I'm a newbie.
I have .htaccess which stopped working after I put the below code into my 000-default.conf file:
<VirtualHost *:443>
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
SSLCertificateFile /etc/apache2/ssl/ssl.crt
SSLCertificateKeyFile /etc/apache2/ssl/private.key
SSLCertificateChainFile /etc/apache2/ssl/sub.class1.server.ca.pem
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
This is what's in my .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^([a-zA-Z0-9\-]+)$ $1.php
ErrorDocument 404 /404error
</IfModule>
^ It's basically to be able to access a page like this domain/page rather than like this: domain/page.php
So as soon as I add the above code from the 000-default.conf file, the rewrite rule works fine. If I add it in, however, I can no longer access files without the .php at the end. My 404 redirect is also not working.
What is it that's causing the problem?
I have some site example.biz. I redirect all http request to https, but how redirect with subdomains(Excluding one host that is in a different configuration file)? I need something like this: If i write bla-bla.example.biz i must redirected to example.biz. But if ololo.bla-bla.example.biz - error. And all this redirection must be to https. To all this, I can not add *.example.biz to ServerAlias, because i have another site adm.example.biz. Now If I write something like any.example.biz, i left on the home page.
Config of example.com:
<VirtualHost *:80>
ServerAdmin i#example.com
ServerName example.biz
ServerAlias www.example.biz
UseCanonicalName On
DocumentRoot /var/www/example/webapps
LogLevel warn
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
ErrorLog ${APACHE_LOG_DIR}/example-error.log
CustomLog ${APACHE_LOG_DIR}/example-access.log combined
</VirtualHost>
https config:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin i#example.com
ServerName example.biz
ServerAlias www.example.biz
UseCanonicalName On
DocumentRoot /var/www/example/webapps/
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/example-error.log
CustomLog ${APACHE_LOG_DIR}/example-access.log combined
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/rockfutur/webapps/rockfutur/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/example.pem
SSLCertificateKeyFile /etc/ssl/private/example.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>
I've had a working webmin setup on a VPS, however after trying to force it to connect via HTTPS I've done goof somewhere and now whenever I try to login the login page doesn't display correctly (no blue rectange background) and trying to login via https://server1.domain.me:10000 keeps redirecting me to https://server1.domain.me:10000/webmin/session_login.cgi, which is again a login page.
Before it began malfunctioning, I had the following file in /etc/apache2/sites-available
<VirtualHost *:80>
ServerAdmin webmaster#domain.me
ServerName domain.me
ServerAlias www.domain.me
DocumentRoot /var/www/domain.me/
<Directory />
RedirectMatch temp ^/$ /public_html
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/domain.me>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
<Directory /var/www/domain.me/redmine>
AllowOverride None
order allow,deny
allow from all
RailsBaseURI /redmine
PassengerResolveSymlinksInDocumentRoot on
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerSignature On
RailsEnv production
RailsBaseURI /redmine
</VirtualHost>
When I tried to force webmin (and owncloud if that matters) to use HTTPS I created a new Virtualhost for port 443 using my SSL keys and updated Virtualhost for port 80 to proxy all http://domain.me/webmin to https://server1.domain.me:10000 (I kept commented-out configs for you to see what I've tried):
<VirtualHost *:443>
ServerAdmin webmaster#domain.me
ServerName server1.domain.me
alias /owncloud /var/www/domain.me/owncloud
DocumentRoot /var/www/domain.me/
SSLEngine On
SSLProxyEngine On
SSLCertificateFile /etc/ssl/ssl.crt/server1_domain_me.crt
SSLCertificateKeyFile /etc/ssl/ssl.crt/server1.key
SSLCACertificateFile /etc/ssl/ssl.crt/COMODORSADomainValidationSecureServerCA.crt
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
# <Location /webmin>
# RewriteEngine On
# #RewriteRule (.*) https://server1.domain.me:10000/$1 [R,L]
# ProxyPass https://server1.domain.me:10000/
# ProxyPassReverse https://server1.domain.me:10000/
# </Location>
<Directory /var/www/domain.me/owncloud>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
Satisfy Any
<IfModule mod_rewrite.c>
RewriteEngine on
<IfModule mod_ssl.c>
RewriteEngine On
RewriteRule ^/?(.*)$ https://%{HTTP_HOST}/owncloud$
</IfModule>
</IfModule>
</Directory>
# ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
# <Directory "/usr/lib/cgi-bin">
# AllowOverride None
# Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
# Order allow,deny
# Allow from all
# </Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerSignature On
</VirtualHost>
and updated my domain.me virtualhost file to:
<VirtualHost *:80>
ServerAdmin webmaster#domain.me
ServerName domain.me
ServerAlias www.domain.me
#SSLEngine On
SSLProxyEngine On
SSLProxyCheckPeerCN off
SSLProxyCheckPeerExpire off
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
DocumentRoot /var/www/domain.me/
<Directory />
RedirectMatch temp ^/$ /public_html
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/domain.me>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
<Directory /var/www/domain.me/redmine>
AllowOverride None
order allow,deny
allow from all
RailsBaseURI /redmine
PassengerResolveSymlinksInDocumentRoot on
</Directory>
<Location /owncloud>
ProxyPass https://server1.domain.me/owncloud/
</Location>
<Location /server1>
ProxyPass https://server1.domain.me/webmin/
</Location>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerSignature On
RailsEnv production
RailsBaseURI /redmine
#ProxyPassReverse /owncloud https://server1.domain.me/owncloud/
#ProxyPassReverse /webmin https://server1.domain.me:10000/
</VirtualHost>
I also added the lines webprefix=/webmin, webprefixnoredir=1 and referer=domain.me to /etc/webmin/config
However, something is clearly wrong here because I cannot login to webmin at all. I've been searching the web for an answer for the past 5 hours, tried a lot of thing and still no luck.
Any ideas?
There are 4 critical (and undocumented!) keys to get this to work, as I found through much aggravation!
1) When you edit /etc/webmin/config, make sure there is NO WHITE SPACE at the end of the webprefix=/webmin line. That will fix the problem where the login screen formatting is funky.
2) You need to be extremely precise in your use of slashes in your ProxyPass (and they don't match the official documentation!)
ProxyPass /webmin/ http://localhost:10000/
ProxyPassReverse /webmin/ http://localhost:10000/
3) You need to include cookie ProxyPass lines (again not in the documentation!).
ProxyPassReverseCookieDomain /webmin/ http://localhost:10000/
ProxyPassReverseCookiePath /webmin/ http://localhost:10000/
4) When you browse to Webmin, you MUST INCLUDE a trailing slash!
http://your.domain.name/webmin/
* UPDATE *
Pertaining to point 4:
To make sure the trailing slash is always present when you browse to Webmin, add these lines (prior to your proxy pass, if it matters?). With this added, if you forget to add the slash, Apache will simply do it for you:
RewriteEngine On
RewriteRule ^/webmin$ /webmin/ [R]
I had the same problem. I installed webmin set up apache with it, and after login screen, no redirection happened.But #MUHAHA was right. I set up my webmin with no /webmin directory, no nuthin!
I wrote a CNAME redirection rule in my domain provider. CNAME webmin.example.com to my raspberry pi's dynamic-dns service name.
my webmin.conf file in /etc/apache2/sites-enabled/ directory:
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName webmin.example.com
ServerAlias webmin.example.com
ProxyPass / http://localhost:10000/
ProxyPassReverse / http://localhost:10000/
ProxyPassReverseCookieDomain / http://localhost:10000/
ProxyPassReverseCookiePath / http://localhost:10000/
</VirtualHost>
after that i installed webmin... you know! :)
an then thanks to #MUHAHA, i changed that line 4043 in /usr/share/webmin/miniserv.pl file
change
&write_data("Location: $prot://$hostport$in{'page'}\r\n");
to
&write_data("Location: $prot://$host$in{'page'}\r\n");
and everythings peachy! Login redirects to the main page with ease!
#Buvinj
Im afraid, that this isnt enough..
To use proper SSL on Proxy, is needed to disable miniservers SSL
/etc/webmin/miniserv.conf
ssl=0
ssl_redirect=1
cookiepath=/webmin
/etc/webmin/config
webprefix=/webmin
webprefixnoredir=1
There are still problems with redirect after login, so this should help:
on webmin host edit file /usr/share/webmin/miniserv.pl
and on line 4043 replace
&write_data("Location: $prot://$hostport$in{'page'}\r\n");
to
&write_data("Location: $prot://$host$in{'page'}\r\n");
Source:
https://sourceforge.net/p/webadmin/discussion/600155/thread/6eb89f60/
But it doesnt work for me, i am redirected to root context (/) after login, not to /webmin context
EDIT:
$prot is always evaluated as http, even if you have ssl_redirect=1 in miniserv.conf
/usr/share/webmin/miniserv.pl
&write_data("Location: https://$hostport$config{'cookiepath'}$in{'page'}\r\n");
Rewrite rule for Location: in headers should also fix this problem.
EDIT2:
https://github.com/webmin/webmin/issues/350
https://github.com/webmin/webmin/issues/351