judyhz
asked on
Need Apache redirect/rewrite http to https (on IIS)
We're running Apache2 on port 80 and IIS on port 443 (https). We want to redirect http://secure.ourdomain.com requests (Apache) to https://secure.ourdomain.com (IIS). I've tried redirect and various rewrite commands and can't get anything to work. I'm writing to a rewrite log at level 4, and the log was created, but nothing is written to the log.
Here is what I have now in httpd.conf:
NameVirtualHost secure.mydomain.org
<VirtualHost secure.mydomain.org>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R=303]
RewriteLog "/www/Apache2/logs/rewrite
RewriteLogLevel 4
</IfModule>
</VirtualHost>
Any ideas?
Here is what I have now in httpd.conf:
NameVirtualHost secure.mydomain.org
<VirtualHost secure.mydomain.org>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R=303]
RewriteLog "/www/Apache2/logs/rewrite
RewriteLogLevel 4
</IfModule>
</VirtualHost>
Any ideas?
in your question your ask about
http://secure.ourdomain.com
but in your httpd.conf it is
<VirtualHost secure.mydomain.org>
is that correct?
http://secure.ourdomain.com
but in your httpd.conf it is
<VirtualHost secure.mydomain.org>
is that correct?
ASKER
The domain names are consistently named in the httpd.conf file and in the IIS --sorry for the confusion, I was using the mydomain as an example only.
ASKER
Update--I did try
RedirectMatch .* https://www.anotherserver.com$1
All the documentation I've seen says that should work but it didn't for me.
I've also tried adding a second IP to the server, and can see both IPs in ipconfig. I used listen xxx.xxx.xxx (second IP) in the httpd.conf file but can't restart Apache with this in the httpd.conf. I can use listen with the second IP with a non-80 port, restart Apache and access the server through that non-80 port. In IIS I am binding the secure.mydomain.com to the first IP. According to the docs I've read, this all should work...unfortunately, not for me.
Am I leaving out a step with adding the second IP to the server 2000 machine?
RedirectMatch .* https://www.anotherserver.com$1
All the documentation I've seen says that should work but it didn't for me.
I've also tried adding a second IP to the server, and can see both IPs in ipconfig. I used listen xxx.xxx.xxx (second IP) in the httpd.conf file but can't restart Apache with this in the httpd.conf. I can use listen with the second IP with a non-80 port, restart Apache and access the server through that non-80 port. In IIS I am binding the secure.mydomain.com to the first IP. According to the docs I've read, this all should work...unfortunately, not for me.
Am I leaving out a step with adding the second IP to the server 2000 machine?
> .. that should work but it didn't for me.
could you please explain what you did (URL), what you get/see, what does not work, and what you see in your apache's error_log and access_log
could you please explain what you did (URL), what you get/see, what does not work, and what you see in your apache's error_log and access_log
ASKER
Fixed the problem myself--now have Apache port 80 and IIS ports 80 + 443 on the same box:
Socket pooling is enabled on IIS 5, by default, but it can be disabled
to allow other HTTP-enabled third-party software to run side-by-side
with IIS, each responding to requests sent to different IP addresses.
There are two ways to do disable socket pooling in IIS 5. First, you can
edit the metabase by using the MetaEdit utility [Hack #54]. By default,
the setting for socket pooling is defined in the metabase schema, but
you can use MetaEdit to create a new metabase key called
DisableSocketPooling in the location /LM/W3SVC and assign it the value
of true (1). In other words, the default value for DisableSocketPooling
in the schema is false (0), which means it is false to say socket
pooling is enabled.
Socket pooling is enabled on IIS 5, by default, but it can be disabled
to allow other HTTP-enabled third-party software to run side-by-side
with IIS, each responding to requests sent to different IP addresses.
There are two ways to do disable socket pooling in IIS 5. First, you can
edit the metabase by using the MetaEdit utility [Hack #54]. By default,
the setting for socket pooling is defined in the metabase schema, but
you can use MetaEdit to create a new metabase key called
DisableSocketPooling in the location /LM/W3SVC and assign it the value
of true (1). In other words, the default value for DisableSocketPooling
in the schema is false (0), which means it is false to say socket
pooling is enabled.
Redirect match is just part of it, you also need to force SSL. Check out http:Q_21836877.html for the how-to.
Jeff
TechSoEasy
Jeff
TechSoEasy
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
just use a RedirectMatch wherever your HTTP is defined (global or a
specific virtual host):
RedirectMatch .* https://www.anotherserver.com$1
As long as you want to redirect all requests you shouldn't have to care
about whether it matches path or complete URL. If you want more control
later check out mod_rewrite.