I have 5 sites on one apache server. One of the sites is with SSL. So when the other sites are accessed with https then they are redirected to the SSL site which is incorrect.
E.g.
https://x.com (with SSL)
http://y.com (normal site no SSL)
If I access https://y.com then I get the content from x.com. How can I fix so https://y.com just gets rewritten to http://y.com?
In your .htaccess put:
RewriteCond %{HTTPS} on [NC]
RewriteRule ^(.*)$ http://y.com/$1 [R=301,L]
You can define it in apache config file. You must add a rule to connection incoming from https port.
If you are using linux, propably you have this config in /etc/apache2/sites-available/default-ssl.
If you don't have this file you must searching https virtualhost:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
Related
Apache virtual hosting url redirect from one domain to other domain without showing the url in the browser?
That's not redirect, that's called Reverse Proxy.
Example:
ProxyPass /url-path/ http://backend.example.com/url-path/
This will reverse proxy all requests to /url-path/whatever to the server backend specified
More information at:
http://httpd.apache.org/docs/2.4/mod/mod_proxy.html
http://httpd.apache.org/docs/2.4/howto/reverse_proxy.html
No, there isn't a way to do this with .htaccess if your sites are on different servers. Doing so would present big security hole, imagine if someone does this with a bankĀ“s website.
However, if both are hosted on the same server try this on your .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^domain1.com$ [OR]
RewriteCond %{HTTP_HOST} ^http://www.domain1.com$
RewriteRule (.*)$ http://www.domain2.com$1 [P]
</IfModule>
If you own both domains you could accomplish this with domain name forwarding. Check the options in your registrar (maybe godaddy, or dns managers like cloudflare).
I have a site that contains subdomains, I have installed a SSL certificate, and I want HTTP requests to be redirected to HTTPS, however I don't want subdomains to be redirected to HTTPS except a couple: app.example.com and api.example.com which have to be HTTPS.
I have setup the code below, however it doesn't handle subdomains, my subdomains are currently redirecting to the HTTPS version of the root domain.
NameVirtualHost *:80
<VirtualHost *:80>
ServerName example.io
ServerAlias *.example.io
Redirect permanent / https://example.io/
</VirtualHost>
<VirtualHost _default_:443>
...
How shall I do this?
Edit: To be a bit more specific.
How can I...?
Redirect all http://example.com to https://example.com
Avoid redirections for http://sub1.example.com, http://sub2.example.com, http://sub3.ex... and so
Redirect http://app.example.com and http://api.example.com to https://...
Thanks.
This can pretty easily be done with mod_rewrite.
RewriteCond %{HTTPS} =off
RewriteCond %{HTTP_HOST} "^(((app|api)\.)?example\.com)$"
RewriteRule ^/(.*)$ https://%1/$1 [R,L]
The first condition ensures the rule is only triggered for non-HTTPS requests. This can be omitted if you put the rule in your port 80 vhost and only accept non-HTTPS requests on that port.
The second condition inspects the HOST header to ensure it's example.com, app.example.com, or api.example.com.
The rule itself issues a redirect to the HTTPS counterpart. %1 is a backreference to the full HOST header contents (%0 could work here as well and allow you to omit some parens) and $1 is a backreference to the path (minus the leading forward slash).
NOTE: You can probably use the if directive as well to limit the redirect as desired.
We have web servers running Apache behind an AWS ELB. I have setup the ELB to accept HTTPS connections, and send the requests over HTTP to the webservers. This works fine.
I have also redirected all the requests to ELB from HTTP to HTTPS using HTTP:X-Forwarded-Proto.
I have added the below virtualhost section to my httpd.conf file and restarted Apache. This setup is redirecting HTTP requests to HTTPS but it is landing on the Apache home page instead of the expected site.
ServerName www.myexample.com
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule !/index.html https://%{SERVER_NAME}/%{REQUEST_URI} [R=301,L]
The configuration seems to be simple and straightforward but not working.
Please let me know what is wrong in the above setup and why is it landing on the Apache home page.
You should escape the . in your rewrite rule. Change your Rewrite to be:
RewriteRule "!/index\.html" https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Also, as in the comment to your OP Remove the slash between %{HTTP_HOST}%{REQUEST_URI}
Here's my set up:
EC2 with Apache using elastic load balancer.
I'm looking to have all http traffic redirect automatically to https. I found this reco and tried it by adding to my httpd.conf file:
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI}
</VirtualHost>
However, this didn't work before or after I restarted the server. HTTP didn't redirect and my sites threw all sorts of errors until I removed the rule from my config.
I'm thinking that I'm updating the file wrong or have the load balancer set up incorrectly. For the listeners for the load balancer I have LB protocol HTTP with port 80 with instance protocol HTTP and instance port 80. I have LB protocol HTTPS on port 443 with instance port 443. My SSL is on this latter protocol.
Any idea where to head from here?
The configuration that you have mentioned should work well. The problem might be that the mod_rewrite module is not loaded. Add below lines to your apache configuration to load rewrite module.
LoadModule rewrite_module modules/mod_rewrite.so
You can try below configuration which is much simpler than what you are using.
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
My application is hosted in AWS. It has Apache proxying to tomcat. SSL is terminated at the Elastic Load Balancer, and all traffic is offloaded to port 80.
My need is to have all requests to the site be redirected to SSL. I've been doing a lot of reading about mod_rewrite and have experimented with various solutions I've found on the web, but have not been able to make this work.
To be clear, Apache is successfully proxying requests to Tomcat. It's the redirection to HTTPS that I'm stuck on. Any suggestions would be welcome.
Try with the X-Forwarded-Proto header, e.g.:
<VirtualHost *:80>
...
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=permanent]
...
</VirtualHost>