I have enabled https and can navigate application using HTTP and HTTPS without rewrite. Apache 2.2.24. But I see a strange behavior:
Receiving 400 bad request if passing http://hostname.com/XXX but works fine with url/xxx/ Don’t know how / can help to redirect to https.
Also, enabled the rewrite with following in httpd.conf but don’t see a difference.
Also, HTTP redirection is not working.
Rewrite Engine
RewriteEngine On
now the rewriting rules
RewriteCond %{SERVER_PORT} !^443$
RewriteRule .* https://hostname.com/XXX [R,L]`
The simpliest way to do that is to make 2 virtualhosts, one listening on IP:80 (HTTP) redirecting to HTTPS and the other listening on IP:443 (HTTPS).
<VirtualHost private_ip_of_your_server:80>
ServerName www.mywebsite.com
ErrorLog /var/log/apache/http_www_mywebsite_com_error.log
CustomLog /var/log/apache/http_www_mywebsite_com_access.log combined
RedirectPermanent / https://www.mywebsite.com/
</VirtualHost>
<VirtualHost private_ip_of_your_server:443>
ServerName www.mywebsite.com
ErrorLog /var/log/apache/https_www_mywebsite_com_error.log
CustomLog /var/log/apache/https_www_mywebsite_com_access.log combined
</VirtualHost>
Don't forget to add the two associated NameVirtualHost directives:
- NameVirtualHost private_ip_of_your_server:80
- NameVirtualHost private_ip_of_your_server:443
Regards
Related
Apache shows default page and doesn't load site configuration. OS: Debian 10.
Site is enabled but somehow it doesn't show files from public_html folder. Any help is appreciated.
<VirtualHost *:443>
SSLEngine On
ServerAdmin admin#abc.com
ServerName abc.com
ServerAlias *.abc.com
DocumentRoot /home/xx/public_html
SSLEngine on
SSLCertificateFile /home/xx/ssl.cert
SSLCertificateKeyFile /home/xx/ssl.key
<Directory /home/xx/public_html>
Require all granted
</Directory>
ErrorLog /home/xx/logs/error.log
CustomLog /home/xx/logs/access.log common
LogLevel debug
</VirtualHost>
No enough reputation to comment, so I’m trying with an answer and will clean it up if useful.
No mention of what you’re finding, if anything, in your logs. I assume you’re accessing using HTTPS to be sure your requests are going to port 443, but if per chance you were not I would try that first by specifying the protocol when entering the URL in your browser - otherwise you are probably making your request to the server on port 80 and not 443 where your VirtualHost is listening.
http://example.com ====> browser sends request to port 80, default port for http
https://example.com ====> browser sends request to port 443, default port for https
Is there also a VirtualHost entry for port 80 to redirect those requests to 443? If your browser is trying to load it as http using port 80 first then perhaps that’s why you’re seeing the Apache default page as I believe the server will be attempting to serve from /var/www/html/ for requests on port 80 unless you have already pointed these elsewhere with another VirtualHost, etc.
An example of what I mean that I have in use; either the ReWriteEngine or the Redirect permanent may be redundant, but I can confirm it functions fine for me as follows:
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
Redirect permanent / https://www.example.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.example.com [OR]
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
For my setup, I preferred that the www subdomain be default and set up DNS intentionally to treat it as such, so the bare domain is ServerAlias in my instance.
I'm setting up a Virtual Hosts file on my CentOS 7 box and I'm having trouble getting my domain to resolve correctly.
Here's what my current /etc/httpd/conf.d/vhost.conf file looks like
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster#domain.com
ServerName www.domain.com
ServerAlias domain.com
DocumentRoot /var/www/html/domain.com/public_html/
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.domain.com [OR]
RewriteCond %{SERVER_NAME} =domain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
It seems the the correct redirects are happening. For exmaple:
domain.com redirects to https: //www.domain.com
www works fine
BUT
https: //domain.com doesn't work
http ://domain.com doesn't work
In fact, if I remove the redirects I have set, domain.com ins't working at all, so it looks like the ServerAlias is broken?
I'm wondering if I need another redirect or is there some other step I'm missing?
Also, don't mind the spaces between http and the domain name. StackOverflow made me format it that way.
As presented, no request to anything https will ever work. Normal, you only have a VirtualHost on port 80. You do have a Listen directive for that port right?
For your redirections. It says: if you ask for http://www.example.com or http://example.com, redirect to https://<WHAT THE USER ASKED FOR>. In essence you are forcing your users to use https all the time, no problem there. But you do not have a VirtualHost on port 443, hence no response.
So:
Listen *:80
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
ErrorLog /var/log/httpd/80_error.log
CustomLog /var/log/httpd/80_access.log combined
RewriteEngine on
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>
Listen *:443
<VirtualHost *:443>
ServerName www.example.com
# in case users do directly to https
ServerAlias example.com
DocumentRoot /var/www/html/domain.com/public_html/
DocumentIndex index.html
ErrorLog /var/log/httpd/443_error.log
CustomLog /var/log/httpd/443_access.log combined
# SSL CONFIGURATIONS, TODO!
</VirtualHost>
In your *:443 VH, you will have to configure certificates and SSL.
Your certificates will have to be valid for both www.example.com and example.com to avoid browser complaints.
Careful there might be an ssl.conf included file under conf.d that defines some of this. Make sure you only set it once to avoid confusion.
No need to define DocumentRoot in *:80 VH since it only redirects and does not respond content to client.
Have fun!
I solved the issue. I had my local hosts file configured to point to an old out of date IP address……
domain.com *bad ip address*
I'm so embarrassed. I must have set that up months ago and forgot.
How to configure Apache to redirect all requests from port 80 to a port 8080? For example http://google.com.localhost must redirect to a http://google.com.localhost:8080 but for all requests.
<VirtualHost *:80>
ServerName proxy.localhost
ServerAlias *.localhost
Redirect permanent / *:8080
</VirtualHost>
You cannot use Redirect for this, because Redirect does not allow for variables.
Inspired by the examples using mod_rewrite from the Apache documentation:
RewriteEngine On
RewriteRule "^/?(.*)" "http://%{HTTP_HOST}:8080/$1" [L,R,NE]
Note that you need mod_rewrite enabled for this to work.
I have an issue using mod_rewrite to force redirection of HTTP requests to HTTPS using Apache 2.2.22 on Ubuntu Server 12.04.
My /etc/apache2/sites-available/default file is as follows:
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>
The HTTPS host is defined in default-ssl in the same directory.
Visiting the server's local IP address, the redirect appears to work fine. However, accessing it via the FQDN, it doesn't. Using the FQDN, the site is available at port 5443, which is mapped in the firewall to 443 on the server, so perhaps that has something to do with the problem. I cannot just use port 443 directly, as it is in use on this IP address by another server.
To further clarify, the following are valid links:
https://website:5443
https://192.168.200.80:443
The redirect works here:
http://192.168.200.80
But the following gives a 400 Bad Request, and this is where the redirect is needed:
http://website:5443/
"Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please."
This is totally possible. The following redirects all http to the https url.
<VirtualHost *:80>
ServerName mydomainname.com
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
make sure you load the rewrite module mod_rewrite and enable it.
Your problem here is the initial HTTP request: This won't work as the server won't understand it receiving the request on port 443 (as the response code suggests).
If no port is given, the protocol http defaults to port 80, https to port 443.
This is also the reason why your local redirect works. I bet, if you access the page through http://website/ (with proper port forwarding of port 80), it will work as well. Also note that your VirtualHost is only defined for port 80 anyway, so it won't be valid for requests sent to website:5443 (or website:443).
In general, you'd need a server accepting both HTTP and HTTPS requests on a single port. Not sure any popular server actually supports something like that, because (I think) it essentially violates the specs.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
if u want to redirect your site from http:// anything.example.com to https: //anything.example.com ... Just create a dedicated hosting .conf file as /etc/httpd/conf.d/dedicated.conf and other conf file as virtual.conf ... entries for dedicated.conf are as follows....
this is dedicated server hosting conf file for redirecting it to https...
<virtualhost *:80>
servername host.example.com
documentroot /var/www/html
rewriteengine on
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
sslcertificatefile /etc/pki/tls/certs/name.crt
sslcertificatekeyfile /etc/pki/tls/private/name.key
</virtualhost>
<directory /var/www/html>
allowoverride all
require all granted
</directory>
Alternatively as mentioned in comment below, we can use redirect also:
<virtualhost *:80>
servername host.example.com
documentroot /var/www/html
RedirectMatch / https://host.example.com:ANY_PORT/ #if there is specific port
sslcertificatefile /etc/pki/tls/certs/name.crt
sslcertificatekeyfile /etc/pki/tls/private/name.key
</virtualhost>
<directory /var/www/html>
allowoverride all
require all granted
</directory>
I have an Apache frontend server, that until today proxies traffic for a subdomain api.myapp.net to a backend server running a Rails app on an Nginx.
Now I added a second subdomain alpha.myapp.net in my domain portfolio and gave it the same IP. Traffic to that subdomain shall not hit the Rails application, but a second VHost on the Nginx server that is setup to serve a static site.
So I have a proxy config for api.myapp.net:
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster#myapp.net
ServerName api.myapp.net
ServerAlias api.myapp.net
DirectoryIndex index.html
RewriteEngine On
RewriteLog /var/log/apache2/rewrite.log
RewriteLogLevel 9
RewriteCond %{HTTP_HOST} !^(api\.)?myapp\.net$
RewriteRule ^(.*)$ http://myapp.net$1 [L,R=301]
ProxyPass / http://192.168.1.145/
ProxyPassReverse / http://192.168.1.145/
ErrorLog /var/log/apache2/error.log
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature Off
</VirtualHost>
And I setup a second config for alpha.myapp.net:
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster#myapp.net
ServerName alpha.myapp.net
ServerAlias alpha.myapp.net
DirectoryIndex index.html
RewriteEngine On
RewriteLog /var/log/apache2/rewrite.log
RewriteLogLevel 9
RewriteCond %{HTTP_HOST} !^(alpha\.)?myapp\.net$
RewriteRule ^(.*)$ http://myapp.net$1 [L,R=301]
ProxyPass / http://192.168.1.145/
ProxyPassReverse / http://192.168.1.145/
ErrorLog /var/log/apache2/error.log
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature Off
</VirtualHost>
What happens now, is, that all traffic to alpha.myapp.net hits my Rails application that listens for requests for api.myapp.net.
I sorted out all Nginx config problems, so I thought it must be an Apache misconfiguration. What I see in Apache's rewrite log seems to explain the problem:
xxx.yyy.zzz.95 - - [08/Apr/2013:09:34:35 +0200] [alpha.myapp.net/sid#b9279870][rid#b9311d38/initial] (2) init rewrite engine with requested uri /index.html
xxx.yyy.zzz.95 - - [08/Apr/2013:09:34:35 +0200] [alpha.myapp.net/sid#b9279870][rid#b9311d38/initial] (3) applying pattern '^(.*)$' to uri '/index.html'
xxx.yyy.zzz.95 - - [08/Apr/2013:09:34:35 +0200] [alpha.myapp.net/sid#b9279870][rid#b9311d38/initial] (4) RewriteCond: input='alpha.myapp.net' pattern='!^(alpha\.)?myapp\.net$' => not-matched
xxx.yyy.zzz.95 - - [08/Apr/2013:09:34:35 +0200] [alpha.myapp.net/sid#b9279870][rid#b9311d38/initial] (1) pass through /index.html
The last part pass through /index.html seems to omit the subdomain and domain part. So the Nginx backend server does not now, which subdomain is requested, ans serves the request from the first available server, which ist api.
The question now seems to be: How can I proxy the traffic from Apache frontend to Nginx backend and maintain the subdomain and domain?
Or could there be another problem?
Hope someone can help.
Regards Felix
Sometimes the answer comes along with the question. The problem was exactly the missing hostname.
I solved the problem by editing /etc/hosts on my Apache server and adding two entries. One api.myapp.net, one alpha.myapp.net both referencing the same IP.
Then I changed bot Apache proxy configurations, so that ProxyPass and ProxyPassReverse do not use IP's anymore but the new hostnames.
And voila it works.