I'm sure i've seen a feature in apache that can rewrite urls so you can point domain2.com at domain1.com and it rewrites everything domain1.com to domain2.com on the fly.
is there a similar thing for https?
In apache, if i go to https://example.com, the page itself is over https, but all images/links are http://. Is there way to auto rewrite the html so its all https://?
(it's running zen cart by the way)
Try this:
Using a protocol-independent absolute
path:
<img src="//domain.com/img/logo.png"/>
If the browser is viewing an page in
SSL through HTTPS, then it'll request
that asset with the https protocol,
otherwise it'll request it with HTTP.
This prevents that awful "This Page
Contains Both Secure and Non-Secure
Items" error message in IE, keeping
all your asset requests within the
same protocol.
Unless you use absolute URLs everyhwere, this should work "automagically". So you only need to check two things:
use relative URLs to point to resources on your own server and
make sure you're not using <base href="http://something">
You can just link to /path/to/page.html instead of http://example.com/path/to/page.html. That way, if it's HTTP it'll stay HTTP, and if it's HTTPS it'll stay HTTPS.
If Zen Cart is adding the domain to all links, though, you'll need to edit the software.
The apache module you referenced is called mod_rewrite, and yes it can handle what you are asking for, although I agree with the above answers that using a protocol independent path is the best solution.
Related
I have a website in angular using a api. Now i want to create automated landing pages.
My api url is made like this (https://) system.mydomain.com/api - its a rest api using slim framework
now i have created routes for the landing pages like (https://) system.mydomain.com/content/seo-name-of-item
this works but i dont want to show "system.mydomain.com" in this case (so in the URI "content") but then i want it to be (https://) mydomain.com/content/seo-name-of-item or/and (https://) www.mydomain.com/content/seo-name-of-item
what is the best approach to get this behaviour?
Most elegant probably is to use apaches proxy module in combination with rewriting rules. That leaves the URL visible in the browser unchanged but internally proxies the requests between otherwise separate http hosts.
Use such a rule in the hosts www.example.com and/or example.com host:
RewriteEngine on
RewriteRule ^/?content/seo-name-of-item https://system.example.com/api [END,P]
The syntax should work in the real http host configuration or in htaccess style files. But a general hint: you should always prefer to place such rules inside the http servers host configuration instead of using .htaccess style files. Those files are notoriously error prone, hard to debug and they really slow down the server. They are only provided as a last option for situations where you do not have control over the host configuration (read: really cheap hosting service providers) or if you have an application that relies on writing its own rewrite rules (which is an obvious security nightmare).
If you get an internal server error with that (http status 500), you might have to replace the END flag with the older L flag.
You need validatable ssl certificates for the externally visible host name, so www.example.com and/or example.com.
You can also decide to use http internally, for the internal proxy connection, since ssl encryption does not really make sense there.
Oh, and obviously you need the proxy module installed.
An alternative would be to use the proxy module only. Take a look at the documentation and examples of the ProxyPass rule: https://httpd.apache.org/docs/current/mod/mod_proxy.html
I'm working on a site which shows lots of images hosted on third party CDN's. Right now, the images are not delivered over SSL. Is there a way to use mod_proxy in htaccess to do something like the following -
https://example.com/imageProxy?url=http://www.example.org/some3rdPartyHostedImage.jpg
Where I could take a given image URL and deliver it via my own server? In this way, I could have the images being served via SSL. I realize the security benefits of this is are a little dubious, but I'm trying to figure out if it is even possible at this point.
Weird your CDN doesn't provide SSL access.
Before continuing you must understand setting up a proxy on your Apache will kill most of the CDN benefits. Otherwise yes, you could make it.
I suggest you use your proxy through a rewrite rule, something in the lines of (examples straight from the documentation):
RewriteRule "/(.*)\.(jpg|gif|png)$" "http://images.example.com/$1.$2" [P]
Or (ref):
ProxyPassMatch "^/(.*\.jpg|gif|png)$" "http://backend.example.com/$1.$2"
I have a video website which I recently changed from http to https.
i.e http://example.com to https://www.example.com.
And I have also made an htaccess entry to automatically 301 redirect all http urls to https.
The old video embed code links given to external customer sites are like :
<script scr="http://example.com/embed_script.js"></script>
Some customer websites also changed to http to https. In those https websites the above link with http protocol won't work because of mixed content. I have no control over the customer sites to change those urls to https. Any automatic redirect solution exists for this ?
You can't fix this unless you get them to use https. You could perhaps locally cache a copy as a workaround, but I've never done that.
I want to make our TYPO3 v4.5 website accessible by HTTP and HTTPS. I already configured SSL for Apache and requesting the main page displays it... partially.
The baseurl within the page links to my http-site (and is not a https-URL), and therefore the browser won't load the css files, because they come from an unsafe part of my domain.
I believe I could switch my whole site to HTTPS, but don't want it. I would like that when the site is called by HTTP, all URLs are generated as http:// and when called over SSL, all urls should be generated as https:// URLs.
Did anybody achieve something like that?
Use a TypoScript condition to output the base URL dependent on the used protocol:
config.baseURL = http://example.com
[globalString = ENV:HTTPS=on]
config.baseURL = https://example.com
[global]
That's a bit ugly (as both variants will not share caches), but Protocol-relative tags are not possible. The only alternative (to baseURL) is config.absRefPrefix.
My site uses AJAX, and it seems like I have to include the full path when I use it to access a function. This is fine, as I can code it in. The problem is, I have hardcoded http://www.example.com... but if a user has gone to http://example.com (without the www) this gives an access problem and the AJAX won't execute.
I think the easiest way to resolve this would be to make sure that if a user goes to mysite.com, they are redirected to www.example.com.
I can find solutions online, but they all involve the htaccess file, which my server doesn't support - I have to use rewrite.script instead.
How can I do this using rewrite.script, or is there an alternative way to approach this?
Thanks for the suggestions - I was directed to this: http://seo-website-designer.com/Zeus-Server-301-Redirect-Generator which created the rewrite.script file I needed.
In .htaccess found in your root document:
Redirect http://example.com/ http://www.example.com/
If there is no support for .htaccess on your server, you may have to include meta tag redirect on the head of your page. or using javascript to check the URL source then redirect it.