Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Issue with HTTPS Redirect |
|
| Author |
|
raomys
Joined: 01 Jul 2022
Posts: 2
Location: Mysore, India
|
 Posted: Fri 01 Jul '22 12:26 Post subject: Issue with HTTPS Redirect |
 |
|
Hi,
I have the following apache2.conf file on a Ubuntu 20.04 server.
<VirtualHost *:8081>
ServerAdmin support@example.com
ServerName support.example.in
ServerAlias support.example.in
DocumentRoot /var/www/myapp
<Directory "/var/www/myapp">
Options FollowSymlinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
#RewriteEngine On
#RewriteCond %{HTTPS} !=on
#RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
Redirect permanent / https://support.example.in:6443/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
If users type in the The HTTPS link, the website works fine (https://support.example.in:6443) but if they use the HTTP link (http://support.example.in:8081) the redirect does not work. I have tried using the RewriteEngine On directives too but there is no difference.
Is there something more fundamental I am missing?
Thanks in advance.
Regards,
Rao[/code] |
|
| Back to top |
|
tangent
Moderator
Joined: 16 Aug 2020
Posts: 348
Location: UK
|
| Posted: Fri 01 Jul '22 20:38 Post subject: |
|
|
Your current redirect statement will only redirect requests for the site root; not any site URI.
Conversely, your commented out rewrite logic doesn't include your target port of 6443. Moreover, the rewrite condition for missing HTTPS is not appropriate, since your non-secure virtual host needs to redirect all requests that are on the wrong port.
Try the following revised rewrite logic instead:
| Code: | RewriteEngine On
RewriteRule ^/(.*)$ https://%{HTTP_HOST}:6443/$1 [L,NE,QSA,R=302] |
Hard code the %{HTTP_HOST} entry if needbe. |
|
| Back to top |
|
raomys
Joined: 01 Jul 2022
Posts: 2
Location: Mysore, India
|
| Posted: Sat 02 Jul '22 7:28 Post subject: |
|
|
Thanks Tangent.
First, I tried to correct the error you mentioned by adding the https port, but it did not work.
| Code: |
RewriteRule ^/?(.*) https://%{SERVER_NAME}:6443/$1 [R=301,L]
|
Next, I tried your solution but that didn't work too.
| Code: |
RewriteRule ^/(.*)$ https://%{HTTP_HOST}:6443/$1 [L,NE,QSA,R=302]
|
Replaced HTTP_HOST but didn't work.
| Code: |
RewriteRule ^/(.*)$ https://support.example.in:6443/$1 [L,NE,QSA,R=302]
|
Both these cases sent the redirect to, https://support.example.in:8081/ which is wrong.
For what its worth, I am pasting the HTTPS sections of the VirtualHost file.
| Code: |
<VirtualHost *:6443>
Protocols h2 http/1.1
ServerName support.example.in
ServerAlias support.example.in
#<If "%{HTTP_HOST} == 'support.example.in'">
#Redirect permanent / https://support.example.in:6443/
#</If>
DocumentRoot /var/www/myapp
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine On
SSLCertificateFile /etc/ssl/certs/sandbox.crt
SSLCertificateKeyFile /etc/ssl/certs/sandbox.key
SSLCertificateChainFile /etc/ssl/certs/GlobalSignIntermediate.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
|
Just curious, many posts on the Internet suggest
| Code: |
Redirect permanent / https://support.example.in:6443/
|
The DocumentRoot was /var/www/myapps and yet the Redirect only used /. It worked too in an earlier installation of mine. Not sure what I am doing wrong here.
Thanks. |
|
| Back to top |
|
tangent
Moderator
Joined: 16 Aug 2020
Posts: 348
Location: UK
|
| Posted: Sat 02 Jul '22 15:00 Post subject: |
|
|
In your original post, you had used permanent (301) redirects, rather than the default temporary (302) redirects.
I have encountered problems when using permanent (301) rather than temporary (302) redirects. The problem is browsers (as much as proxies), will cache this result, and not bother contacting the server in the future. This can be a real pain if you make a mistake during testing, or subsequently decide to change the site logic on your server. So I'd recommend using 302 redirects.
Either way, I'd re-instate the rewrite logic variant.
Then in your browser, bring up the Developer Tools (Shift+Control+I in Chrome or Firefox), and whilst viewing the Network tab reload your site to see if the browser is using cached content. Then clear your browser cache, and try again. The traffic trace should enable you to check out what request the client is making, and what response detail the server is sending. |
|
| Back to top |
|
|
|
|
|
|
