HTTP -> HTTPS Redirection with OpenBSD's httpd
In my setup of PHPMyAdmin I have an apache config that looks like this:
<VirtualHost 72.233.89.20:80>
ServerName mysql
ServerAlias mysql.*
UseCanonicalName Off
DocumentRoot /var/www/phpmyadmin/html/
DirectoryIndex index.html index.htm index.php
AddType application/x-httpd-php .php
php_admin_value open_basedir /var/www/phpmyadmin/
php_admin_value file_uploads 1
php_admin_value upload_tmp_dir /var/www/phpmyadmin/phptmp/
php_admin_value session.save_path /var/www/phpmyadmin/phptmp/
</VirtualHost>
#
######
# Interface for https (openssl)
######
#
<IfModule mod_ssl.c>
<VirtualHost 72.233.89.20:443>
ServerName mysql
ServerAlias mysql.*
UseCanonicalName Off
DocumentRoot /var/www/phpmyadmin/ssl
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl/server.key
DirectoryIndex index.html index.htm index.php
AddType application/x-httpd-php .php
php_admin_value open_basedir /var/www/phpmyadmin/
php_admin_value file_uploads 1
php_admin_value upload_tmp_dir /var/www/phpmyadmin/phptmp/
php_admin_value session.save_path /var/www/phpmyadmin/phptmp/
</VirtualHost>
</IfModule>
Note how it is set up on port 80 and port 443.
In the webroot of http (port 80) I just have a .htaccess file that looks like this:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
To redirect it all to SSL.
All of the PHPMyAdmin files live in the SSL directory.
I suggest setting up your vhost to serve on both port 80 and port 443. PHPMyAdmin itself is just a php script, it does not force any port. It is all about how your webserver/vhosts are configured.
Related videos on Youtube
dragonmantank
Love to program in PHP, starting to look into Python and C# as well.
Updated on September 17, 2022Comments
-
dragonmantank almost 2 years
Running OpenBSD 4.4-stable with the built-in httpd daemon and PHP5 which has been moved from an Ubuntu 8.04-server box. Since the movement phpMyAdmin seems to generate the following error every so often (and sometimes all the time, like logging in):
Bad Request Your browser sent a request that this server could not understand. Reason: You're speaking plain HTTP to an SSL-enabled server port. Instead use the HTTPS scheme to access this URL, please.
The address for phpMyAdmin is under an https:// URL, and when this error occurs phpMyAdmin is trying to use http://domain.com:443/ which obviously won't work.
I also have a mod_rewrite rule to always force HTTPS but since the browser is forcing the 443 port it never gets fired.
Any ideas how to remedy this?
[EDIT]
Here is my vhost directives since those were requested:
<VirtualHost *:80> DocumentRoot /var/www/htdocs RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} </VirtualHost> <VirtualHost *:443> DocumentRoot /var/www/htdocs ErrorLog logs/error_log TransferLog logs/access_log RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] </VirtualHost>
[EDIT 2]
I turned off the rewrite rule and everything works like a charm :/ Not sure what to make of that since the same rewrite rule works elsewhere.
-
sh-beta about 15 yearsCan you dump the relevant portions of your Apache config here? This sounds like a bad rewrite rule...
-
HopelessN00b about 9 yearsAdministration panels are off topic. Even the presence of an administration panel on a system, because they take over the systems in strange and non-standard ways, making it difficult or even impossible for actual system administrators to manage the servers normally, and tend to indicate low-quality questions from users with insufficient knowledge for this site.
-
-
sh-beta about 15 yearsYou don't need the Rewrite directives in the .htaccess file - you can just drop them into the <VirtualHost ip:80> section.
-
dragonmantank almost 15 yearsHey, thanks for the suggestions. I've tried the above suggestions and still no go (except for the IE thing, this happens in both Firefox and IE). As part of a new company policy we're switching everything over to CentOS instead of the mix of OSes we have now, so I'll see if its still doing it after that. Thanks!
-
Memb almost 15 yearsNo probs and good luck.