Solved

ReWrite Question

Posted on 2004-08-29
7
370 Views
Last Modified: 2010-03-04
I've been having some trouble setting up a rewrite statement.  

I want any traffic going to http://secure.mydomain.com to be redirected to https://secure.mydomain.com
So I added the following to my httpd.conf

# Virtual hosts
#

# Virtual host Default Virtual Host
<VirtualHost *>
        ServerSignature email
        DirectoryIndex index.php index.html index.htm index.shtml

        RewriteCond   %{SERVER_PORT}  !^443$
        RewriteCond   %{REMOTE_HOST}  ^secure.*
        RewriteRule ^(.*)$ https://secure.mydomain.com/$1 [R]


<IfDefine HAVE_SSL>

</IfDefine>
        LogLevel debug
        HostNameLookups off
</VirtualHost>


Is that a proper Rewrite rule?  Also I put this in http.conf  should it go in ssl.conf?  I've got my virtualhost set up my ssl.conf and it is working fine.  It points mydomain.com/secure to secure.mydomain.com.

##
## SSL Virtual Host Context
##

<VirtualHost _default_:443>

# General setup for the virtual host, inherited from global configuration
DocumentRoot "/var/www/html/secure"
ServerName secure.mydomain.com:443


Thanks,
 --Steven Osborn

Server Info:
Fedora Core 2
Apache 2.0.49
PHP 4.3.4
MySQL 3.23.58
0
Comment
Question by:steve918
  • 4
  • 2
7 Comments
 
LVL 2

Expert Comment

by:brozzis
ID: 11925564

Since such redirection has some sense only on SSL activated, you
could include it in <IfDefine tag...

I added also RewriteEngine On


<VirtualHost *>
        ServerSignature email
        DirectoryIndex index.php index.html index.htm index.shtml

<IfDefine HAVE_SSL>

  RewriteEngine On
        RewriteCond   %{SERVER_PORT}  !^443$
        RewriteCond   %{REMOTE_HOST}  ^secure.*
        RewriteRule ^(.*)$ https://secure.mydomain.com/$1 [R]

</IfDefine>

        LogLevel debug
        HostNameLookups off
</VirtualHost>
0
 
LVL 3

Author Comment

by:steve918
ID: 11928472
No luck.  secure.mydomain.com still just takes me to http://secure.mydomain.com
0
 
LVL 7

Expert Comment

by:CajunBill
ID: 11928802
Try dropping both of the RewriteCond, and change the RewriteRule as follows:

RewriteEngine On
RewriteRule   ^/(.*)   https://secure.mydomain.com/$1   [R]

However, I have not tested this as yet.
And of course we assume that mod_rewrite is built in - but it doesn't hurt to double check it.
And that there are no Rewrite or Alias directives before these Rewrite directives.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 2

Accepted Solution

by:
brozzis earned 500 total points
ID: 11928811

  RewriteEngine On
        RewriteCond   %{SERVER_PORT}  !^443$
#        RewriteCond   %{REMOTE_HOST}  ^secure.*
        RewriteRule ^(.*)$ https://secure.mydomain.com/$1 [R]

these lines work to me.
Please take a look to the meaning of %{REMOTE_HOST}, it's not the URL requested,
but the requesting address
0
 
LVL 3

Author Comment

by:steve918
ID: 11935625
I tried all the suggestions above, but I'm beggining to think that maybe it isn't my syntax.

I have mod rewrite setup.  It was already loaded on the default Fedora install.
LoadModule rewrite_module modules/mod_rewrite.so

I've tried every possible combination of Rewrite conditions and rewrite rules.  The only thing I'm unsure about is where to put the rewrite statements in the config file.  I've got the secure virtual host setup in the ssl.conf, but i've got the rewrite statements under the default virtualhost in the httpd.conf

0
 
LVL 3

Author Comment

by:steve918
ID: 11945439
OK, I'm getting somewhere.  I added "Options +FollowSymLinks" and I got it working, BUT.  It works all the time now without the second rewrite condition...  Even when I don't want it to.  Like when someone just types www.mydomain.com

 I've got:
      
  RewriteEngine On
        RewriteCond   %{SERVER_PORT}  !^443$
#        RewriteCond   %{REMOTE_HOST}  ^secure.*
        RewriteRule ^(.*)$ https://secure.mydomain.com/$1 [R]

How do I make it only rewrite when someone types in secure.mydomain.com?
0
 
LVL 3

Author Comment

by:steve918
ID: 11946647
It's working now.  I just used the HTTP_HOST variable instead of REMOTE_HOST
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now