[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 9878
  • Last Modified:

mod rewrite htaccess and https (SSL)

Below is what I have so far.
Here is the problem:
I also noticed that if I use the htaccess file below and I try to access something like
https://www.maindomain.com/directory/index.php
I get an internal server error.
NOTE -  that the above URL is to a secure server (SSL) is there a condition I need to put in there so it knows what to do with the HTTPS?

RewriteEngine on
0 #Take anything other than main domain, and direct it to maindomain.com
1 RewriteCond %{HTTP_HOST} !^www.maindomain.com$ [NC]
2 RewriteCond %{REQUEST_URI} !^/robots\.txt$
3 RewriteRule (.*) http://www.maindomain.com/$1 [R=301]
4
5 #If robots.txt is requested from anything other than maindomain send new txt file.
6 RewriteCond %{HTTP_HOST} !^maindomain\.com
7 RewriteRule ^robots\.txt /robots_noindex.txt [L]
0
killer455
Asked:
killer455
  • 14
  • 11
  • 3
1 Solution
 
rjkimbleCommented:
You need to have two virtual hosts -- one for the HTTP server (port 80) and one for the HTTPS server (port 443).

I think that line 7 needs to be something like this:

RewriteRule ^robots\.txt /robots_noindex.txt [R,L]

Maybe line 1 should be this:

RewriteCond %{HTTP_HOST} !^www\.maindomain\.com$ [NC]

0
 
TomDavidsonCommented:
What does it say in apache's error_log ?
0
 
killer455Author Commented:
This is what I am using now, simplified to try to find my problem.

Conetents of .htaccess:

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
rjkimbleCommented:
I don't think the issue is with your rewrite rules, because I just configured my server with these rules and they worked. I do think your RewriteRule should be tweaked, however:

RewriteRule /(.*) http://www.example.com/$1 [R=301,L]

I think you should check the error log as TomDavidson suggests.
0
 
killer455Author Commented:
Ok when I get this error this is what I get:

Any ideas?

SSL Request Log:
[02/Aug/2004:16:39:07 -0400] 165.134.117.49 SSLv3 RC4-
MD5 "GET / HTTP/1.1" 630

Not seeing anything in the error log even though it is a 500 internal server error.
Apache/1.3.29 Server at domain.com Port 443
0
 
rjkimbleCommented:
No ideas here. How about posting your virtual host section for that virtual host.
0
 
killer455Author Commented:
I do not have access to the httpd.conf file.  This is where the virtual host section would be right?
0
 
rjkimbleCommented:
Yes. That does present a problem.
0
 
TomDavidsonCommented:
Could it be that the error_log is somewhere else? Some hosts log each virtualhost's access log separately from the main logs but not the error_log - just a thought as a 500 error should produce a line in the error_log.
0
 
killer455Author Commented:
Well i have access to the error logs but it seems that it is not logging any HTTPS requests that produce an error.
0
 
TomDavidsonCommented:
see if there is any useful information in ssl_error_log if you have access to it.
0
 
killer455Author Commented:
Tom,
There is where the problem lies.  I am trying to get my host to enable these error logs.  It seems to be taking them a little bit to do it.  Right now there is only a ssl_request_log that lists what I posted above.
0
 
rjkimbleCommented:
>> There is where the problem lies.

Agreed. I don't think we have enough information to help you with your problem. If you can't see httpd.conf, it makes life a bit tricky.

However, something just occurred to me. If you're configuring mod_rewrite through .htaccess files, then it seems to me that both HTTP and HTTPS requests will be affected the same unless you differentiate somehow. And that means you might consider adding the following directive:

RewriteCond %{SERVER_PORT} ^80$

So your rewrite rules would look like this:

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteCond %{SERVER_PORT} ^80$
RewriteRule /(.*) http://www.example.com/$1 [R=301,L]

For HTTPS rewrite rules, you would use 443 for the port instead of 80.
0
 
killer455Author Commented:
rjkimble,

I have tried that, and doing
RewriteCond %{SERVER_PORT} !^443$

I have also tried simply doing
RewriteCond %{HTTP_HOST} !.example\.com:443$ [NC]

I am waiting on ssl error logs then I will be able to post more info.
0
 
killer455Author Commented:
Ok finally, here is the ssl_error_log statement:

Here is what I get from the error log.
Keep in mind it works for HTTP request, but not HTTPS.
[Tue Aug 3 14:48:18 2004] [alert] [client 165.134.117.49] /home/username/www/.htaccess: Invalid command 'RewriteEngine',
perhaps mis-spelled or defined by a module not
included in the server configuration
0
 
rjkimbleCommented:
Maybe all you need to do is to wrap your rewrite rules with the <IfModule> tag:

Options +FollowSymLinks
<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
  RewriteRule (.*) http://www.example.com/$1 [R=301,L]
</IfModule>
0
 
killer455Author Commented:
That works except the rewrites do not work for https:// and when I access a https:// document it says the certificate does not match (this only happens when I add what you have above to the .htaccess file)
0
 
rjkimbleCommented:
It appears that you need to discuss this with your hosting provider. What does the certificate say when you make this change? Meaning, what does the certificate say is the name of your server, and what is the name of the server you're attempting to browse to? That's what I would look at and discuss with the hosting provider. It's possible that your provider has configured separate instances of Apache, one for HTTP and one for HTTPS, and that their configurations don't match.
0
 
killer455Author Commented:
Ok until my host fixes their problems this is what I have.

Questions:
1) Does the subdirectory redirect need to be a R=301? How will search engines handle this?

Options +FollowSymLinks
<IfModule mod_rewrite.c>
  RewriteEngine on

  #redirect a domain to a subdirectory on my server
  RewriteCond %{HTTP_HOST}    ^(ww+\.)?somesubdomain\.com [NC]
  RewriteCond %{REQUEST_URI} !/somesubdomain/
  RewriteRule ^(.*)$ /somesubdomain/$1 [L]

  RewriteCond %{HTTP_HOST} !^www\.maindomain\.com [NC]
  RewriteRule (.*) http://www.maindomain.com/$1 [R=301,L]
</IfModule>
0
 
killer455Author Commented:
Also is there a way to have a certain subdirectory in my domain to be ONLY accessable via HTTPS?  In other words if any requests to a directory are made from HTTP is redirects to HTTPS?  Please note this is only for a defined directory not the whole domain.

Points increased.
0
 
killer455Author Commented:
I also want to keep the maindomain.com name in the browser address bar for the subdomain redirect, with the code above, it doesnt.
0
 
rjkimbleCommented:
Can you give some sample input URL's and what you want them rewritten to? That would help me a lot.
0
 
killer455Author Commented:
0
 
rjkimbleCommented:
Then in the order directory, try something like this:

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCondition    %{SERVER_PORT}    !^443$
  RewriteRule    ^/order/(.*)$    https://www.maindomain.com/order/$1    [R,L]
</IfModule>

BTW -- I don't know anything about how search engines handle redirects. That's not my bag. I don't even know the appropriate place to post search engine optimization questions.
0
 
killer455Author Commented:
I will try that once i get back to my main computer.  Will close this questions tonight and award points.  Thanks.
0
 
killer455Author Commented:
rjkimble,
It doesnt seem to have any effect.
0
 
rjkimbleCommented:
Here's an interesting comment I just noticed in the documentation:

Note: To enable the rewriting engine for per-directory configuration files you need to set ``RewriteEngine On'' in these files and ``Options FollowSymLinks'' must be enabled. If your administrator has disabled override of FollowSymLinks for a user's directory, then you cannot use the rewriting engine. This restriction is needed for security reasons.
0
 
rjkimbleCommented:
Did you get it to work?
0

Featured Post

Learn to develop an Android App

Want to increase your earning potential in 2018? Pad your resume with app building experience. Learn how with this hands-on course.

  • 14
  • 11
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now