HTTP to HTTPS rewrite rule not working
If you want that http://www.mywebsite.com/
is always be sent over https
you should use redirect
because use mod_rewrite
isn't the recommended behavior.
According to Redirect Request to SSL Apache wiki page:
When using SSL, you will frequently have at least two virtual hosts: one on port 80 to serve ordinary requests, and one on port 443 to serve SSL. If you wish to redirect users from the non-secure site to the SSL site, you can use an ordinary Redirect directive inside the non-secure VirtualHost
So, try to add this directive in your non-secure VirtualHost:
Redirect permanent / https://www.mywebsite.com/
If you want anyway use rewrite
rule, you should add these lines in non-secure VirtualHost
:
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
# This rule will redirect users from their original location, to the same location but using HTTPS.
# i.e. http://www.mywebsite.com/foo/ to https://www.mywebsite.com/foo/
as described in HTTP to HTTPS Apache wiki page.
Your configuration doen't work, because it is not defined a non-secure VirtualHost (usually on port 80) that handles http requests and redirect them to secure VirtualHost.
Try adding these lines:
<VirtualHost *:80>
ServerName dev.dom1.com
Redirect permanent / https://dev.dom1.com/
</VirtualHost>
In this case you don't need a DocumentRoot
because this VirtualHost
is redirecting everything.
Rewrite
rule shown in your configuration file protect secure VirtualHost
from being accessed via http
protocol, for example http://www.mywebsite.com:443/
will be https://www.mywebsite.com:443/
You should also check that your site linking to the correct page (https) from within your HTML pages.
Related videos on Youtube
rajeev
Updated on September 18, 2022Comments
-
rajeev over 1 year
ubuntu 14.04
Apache/2.4.7
I am posting here conf file for my virtual host and default ssl host. not able to figure what am I doing wrong.
http://<website_url>
shows the index of the folder. I want to redirect this to https.https://<website_url>
opens fine.IMPORTANT: I have not enabled the default SSL site.
cat default-ssl.conf|grep -v "#" <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin webmaster@localhost DocumentRoot /var/www/html ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} </VirtualHost> </IfModule>
And here is mywebsite configuration file:
cat www.mywebsite.com.conf|grep -v "#" <VirtualHost *:443> ServerName www.mywebsite.com:443 ServerAlias www.mywebsite.com ServerAdmin [email protected] DocumentRoot /var/www/www.mywebsite.com/html Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains" <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} </IfModule> SSLEngine on SSLEngine on SSLCertificateFile /etc/apache2/ssl/apache.crt SSLCertificateKeyFile /etc/apache2/ssl/apache.key <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown ErrorLog ${APACHE_LOG_DIR}/ssl.error.log CustomLog ${APACHE_LOG_DIR}/ssl.access.log combined </VirtualHost>
-
Lety over 9 yearsYou should add directive in those
VirtualHost
that is the same as 443VirtualHost
. I guess non-secureVirtualHost
withServerName www.mywebsite.com
andDocumentRoot /var/www/www.mywebsite.com/html
. If you need to redirect both, you need to define two 443 VirtualHost. -
rajeev over 9 yearsHello Letizia, 443 VirtualHost does not have a corresponding VirtualHost. Sites are like this:
http://www.dom1.com, https://dev.dom1.com, and http://www.dom2.com
. All hosted on same apache server. I am scratching my head and pulling my hairs at the moment. sorry, I am just not getting this virtual-host thing. -
Lety over 9 yearsSorry, maybe I didn't understand what you are doing :(. I thought you wanted to change protocol for a certain VirtualHost. Could you explain what is your goal?
-
rajeev over 9 yearsgoal is to give https access with authentication to developers, but normal www access for rest of the world. and anybody choosing to go to dev.dom1.com should be presented the https site.
-
Lety over 9 yearsLet's see if I understand. There are two
VirtualHost
on port 80, one haveServerName www.dom1.com
and the other haveServerName www.dom2.com
with different DocumentRoot content. Normal user access these sites with http a see the content. The thirdVirtualHost
is on port 443 andServerName
isdev.dom1.com
, developers access this site with https protocol and seeDocumentRoot
content. Please tell me if this assertion are right and what does not work or you can not achieve. -
rajeev over 9 yearsyes totally correct.
site 1: <VirtualHost *:80> ServerName www.dom1.com ServerAlias www.dom1.com ServerAdmin [email protected] DocumentRoot /var/www/www.dom1.com/html
...site 2: <VirtualHost *:443> ServerName dev.dom1.com:443 ServerAlias dev.dom1.com ServerAdmin [email protected] DocumentRoot /var/www/dev.dom1.com/html
...site 3: <VirtualHost *:80> ServerName www.dom2.com ServerAlias www.dom2.com ServerAdmin [email protected] DocumentRoot /var/www/www.dom2.com/html
... thx for help @Letizia -
Lety over 9 yearsYou are welcome, but now, I don't see where is the problem and how can I help you :)
-
Lety over 9 yearsMaybe you would like that access to
http://dev.dom1.com
are redirected tohttps://dev.dom1.com
. Is this what you are trying to do? -
rajeev over 9 yearsyes. correct. .
-
Lety over 9 yearsAnswer updated.