My website URL till now was as per this pattern https://www.xyz.com, from which i served both static and dynamic contents. https://www.xyz.com defaults to home page, https://www.xyz.com/static/index.html, and dynamic contents are served from https://www.xyz.com/dyna/login.jsp.
Recently I added an additional webserver and got sub domain registered from which I plan to serve static content through http URL scheme instead of https, and only serve dynamic pages from https URL. So, if user types https://www.xyz.com, should redirect to http://static.abc.com.
Webserver: Apache 2.x
My Queries are:
a. How to configure apache to redirect request on https://www.xyz.com to http://static.abc.com while ensuring that request to https://www.xyz.com/dyna/login.jsp does not get redirected?
Will this have any noticeable performance overhead?
b. If redirection from http to https and also launching http screen from https page lead to any security warning in this case?
Note that I do not intend to submit any data from http to https and vice versa, it will be just URL redirection or links.
c. How to make the redirection cacheable?
use .htaccess to define https://www.example.com/static/index.html as https://www.example.com/index.html
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain/static/index.html [NC]
RewriteRule ^(.*)$ domain/index.html$1 [L,R=301]
Related
Background:
We have DNS pointing to new server.
Apache Server has a directory called example
Example directory has an htaccess file for redirecting, code below
Issue is : We need this to redirect any variation of the url ie: http://example.com, https://example.com, http://example.com/filename.html, https://example.com/directory/filename.html, etc.. to a specific page on another server.
So far, we have the code below, it works correctly for https, but not http.
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ https://differenturl/login/login.html [R=301,L]
I feel like there is a simple answer but can't seem to find it!
**Edit: for clarification -by not working, I mean that I am not redirected to https://differenturl/ etc... using http. It only works for https. http routes me to the home page of the server that this all sits on. And that server has a different domain name than anything above.
If it's "not working" for HTTP then either:
The <VirtualHost> container for port 80 (ie. HTTP) is not configured at all in the server config.
Or,
The vHost:80 container is pointing to a different area of the filesystem, so the .htaccess file is not processed.
Or,
The vHost:80 container does not permit .htaccess overrides so the .htaccess file is ignored. You either need to configure .htaccess overrides by setting AllowOverride All in the appropriate <Directory> container in the vHost:80 container. Or simply redirect everything to HTTPS in the vHost:80 container (eg. Redirect / https://example.com/) and then allow the .htaccess file to redirect from HTTPS. (That's potentially 2 redirects, but that should not be an issue.)
Or just do the redirect (to the other server) in the server config and not use .htaccess at all.
I am attempting to rewrite the URL displayed in a browser to eliminate the https:// portion. Not being familiar with Apache coding, I have tried many different ways of tweaking other code to achieve the result, but without success.
My .htaccess file includes 310 redirect rules, as well as some rewrite conditions, all of which are presently working:
# Force browswer to use SSL, even when referring URL is non-secure
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Catch-all for any potential 404 error (file not found) will
# redirect to the index (/) page
Options +SymLinksIfOwnerMatch
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . / [L,R=301]
Any help on this front is greatly appreciated!
I am attempting to rewrite the URL displayed in a browser to eliminate the https:// portion.
I would be curious to see your "attempts". And why you are wanting to do this?
Basically, you can't.
You have no control over how the browser displays the protocol (ie. https, or http), or any part of the URL for that matter, in the browser's address bar. And any attempt to "rewrite" the URL to remove https:// is only likely to stop your site serving content over SSL - which is not your intention. The only way to change the physical appearance of the URL in the browser's address bar is by changing the physical URL. This is basic browser security - the website should not be able to control this behaviour. You don't want the website to be able to pretend to be something it is not (ie. phishing).
However, some browsers do allow the user to control this behaviour to some extent. For example, Opera will show a more friendly URL by default, omitting the HTTP protocol and even the query string. However, this "friendly" display format can be disabled in settings to instead show the complete "real" URL.
Generally, by default, browsers tend to hide the protocol when serving over plain HTTP and show it only when serving over HTTPS - an additional indication to the user that the site is secure. Any attempt to remove the protocol is only going to disturb user trust.
checked the Forum but could not find an ideal answer. I have recently installed a SSL Certificate on my site and in the process of creating 301 redirects via the .htaccess file for nearly 400 page urls (to keep Google happy). I thought of using;
redirect 301 /contact.php https://www.mydomainname.co.uk/contact.php
but it breaks the site. The only solution I have seen is;
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^contact\.php$ https://www.mydomainname.co.uk/contact.php [L,R=301]
The above seems a lot of code to use for each of the 400 pages! is there a quicker way with less code I can use in the .htaccess file?
Many thanks. Hope someone can advise.
There are two basic ways of redirecting pages with Apache: Redirect (of mod_alias) and RewriteRule etc. (of mod_rewrite).
Redirect is very simple: it will just redirect a single URL to another. It can be useful sometimes, but it's usefulness is limited to its simplicity: in the case of HTTP-to-HTTPS redirection, it can't differentiate between HTTP and HTTPS connections, so it will just try to redirect to HTTPS even if you're already on HTTPS (and thus you end up in an infinite redirect loop).
RewriteRule, on the other hand, is more advanced and flexible. You can use RewriteCond to conditionally redirect requests; in your case, you'd want to redirect requests only if they're on a HTTP connection.
As you mentioned, you want to redirect to HTTPS for many (I presume all) requests; you can easily do this with only a single rule:
# Enable rewrites
RewriteEngine on
# Only run next RewriteRule on HTTP connections (not HTTPS)
RewriteCond ${HTTPS} off
# Redirect any page to the same URL with https:// schema
RewriteRule (.*) https://${SERVER_NAME}/$1 [L,R=301]
(The ${SERVER_NAME} variable will automatically be equal to your domain name, so you can even use this on web servers with multiple domain names.)
I used Apache's mod_rewrite to redirect HTTP request to another server. I want to keep original URL in client's browser. Now it displayed rewrited URL in client's browser. The configuration as below in Httpd.conf file. Thank you advance.
RewriteEngine On
RewriteBase /tpiaccs/
RewriteRule /tpiaccs/uat/(.*) http:///tpiaccs/uat/$1 [NC,L]
If I recall correctly, by default it rewrites using external redirection (an implicit [R] flag) unless you specify otherwise.
This might do what you're after:
RewriteRule /tpiaccs/uat/(.*) http:///tpiaccs/uat/$1 [P,NC,L]
The P should make it internally proxy the request rather than doing an external redirect.
See https://httpd.apache.org/docs/trunk/rewrite/flags.html for details on the flags that can be used with URL rewriting.
We've had our site running on (say) stuff.com for a while, with a load of sub-domains for different applications, red.stuff.com, blue.stuff.com and of course a load of content stuff.com/things/in/my/head
We've recently purchased a new domain, awesome.com.
Can we configure Apache to replace the 'stuff.com' in any request that turns up, with 'awesome.com' permanently? Would this method keep any search engine listings and existing links valid?
Thanks
You can use Apache's rewrite engine. Add this to your virtual server configuration (either in http.conf or in the sites-enabled directory):
RewriteEngine On
RewriteCond %{HTTP_HOST} stuff.com
RewriteRule ^(.*) %{HTTP_HOST}$1 [C]
RewriteRule ^(.*)stuff.com(.*) http://$1awesome.com$2 [R,L]
The [C] chains the two rules together. The first rule inserts the requested domain name into the request. The next rule redirects the request to the new domain name, extracting the subdomain and the rest of the URL if necessary.
It should redirect any incoming request (I tested it with subdomains, files, and query strings in the URL), so the search engine links would still work. I don't know how it affects search engine ranking, though.