Solved

using htaccess to fake https

Posted on 2010-09-14
14
579 Views
Last Modified: 2012-05-10
Hello,

i am trying to test a website on my server, I do not have an SSL certificate. If the test is successful it will move to a different server, so no need to buy SSL for me. I need to do a 30 minute test.

Some pages on this website are looking for https and I am getting 404 errors and others are looking for http, what I was hoping to do with the htaccess file was that if https is requested, then rewrite and deliver, if http is requested, then deliver that instead,

what i came up with so far is (it doesn't work)...




Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteRule ^/(.*):SSL$   https://%{SERVER_NAME}/$1 [R,L]
RewriteRule ^/(.*):NOSSL$ http://%{SERVER_NAME}/$1 [R,L]

Open in new window

0
Comment
Question by:jblayney
  • 6
  • 5
  • 3
14 Comments
 
LVL 10

Expert Comment

by:laneduncan
ID: 33675351
Seems like a better option would be just to create a self-signed SSL certificate.  That'd give you a better test, wouldn't it?  And it doesn't cost anything.

Here's a run-through on creating a wildcard certificate:

http://lanestechblog.blogspot.com/2008/03/creating-self-signed-wildcard-ssl_13.html
0
 
LVL 1

Author Comment

by:jblayney
ID: 33675437
Hello laneduncan,

thanks for the info, i read through the link you sent and it looks like it requires me to be a server administrator, which I am not. I am a web developer and don't have that kind of access to the server.
0
 
LVL 10

Expert Comment

by:laneduncan
ID: 33675561
Aha.  That makes more sense.  Still, a web server does have a default (self-signed) certificate.  

But there are a lot of setups where that wouldn't be configured correctly.  You being able to do this will depend on some settings on the server side (in the httpd.conf file; specifically, the "allowOverride" setting); if that's enabled, something like this ought to do it:

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{HTTPS} =on
RewriteRule .* http://%{SERVER_NAME}%{REQUEST_URI} [R,L]

0
 
LVL 1

Author Comment

by:jblayney
ID: 33675827
Hello again,

i do not have access to the httpd.conf file, I can do URl rewriting with the htaccess file though, so i am assuming it is set properly (correct me if I am wrong on that)

that being said, the code is not solving my problem. I am still getting 404 errors when I try certain pages which i can see are being redirected to https
0
 
LVL 10

Expert Comment

by:laneduncan
ID: 33675890
That's good (that you can override; not that it's not working!).  
What, exactly, are you seeing?  Are the URLs getting redirected correctly, but the server isn't able to find that file?  That is:  what's the address and protocol in the address line on the browser when you get the 404 error?
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 33676027
The reason you can't do what you want is that SSL/https negotiation is done Before any files are served.  Which means before the '.htaccess' file is read and processed.
0
 
LVL 10

Expert Comment

by:laneduncan
ID: 33676041
True, But you wouldn't be getting a 404 error if SSL isn't configured correctly.  That's the puzzle to me.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 1

Author Comment

by:jblayney
ID: 33676058
the error i get is

Not Found

The requested URL /earth-line/posecom/login.php was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.


I also added with no luck...
RewriteBase /earth-line/posecom/





0
 
LVL 10

Expert Comment

by:laneduncan
ID: 33676079
What's the actual address (including the protocol http/s) on the address line in the browser?
0
 
LVL 1

Author Comment

by:jblayney
ID: 33676113
http://www.darkstarmedia.net/earth-line/posecom/

this is my testing server, the links that mess up are sign in or create an account, i don't really like posting my server online though, will i be able to delete this after?
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 33676259
There is a certificate for *.korax.net which is probably the hosting provider's server.
0
 
LVL 1

Author Comment

by:jblayney
ID: 33676531
Hello Dave,

I called the web host and inquired, I do not have access to that.
0
 
LVL 10

Accepted Solution

by:
laneduncan earned 500 total points
ID: 33676555
DaveBaldwin is correct:  SSL is working on this server, but you're right, in that it doesn't look like this virtual host is set up to support it. (https://www.server.net [not wanting to compound your server disclosure prob] doesn't work.)

So.  You've got some redirects, it would appear, in your code:

http://www.server.net/earth-line/posecom/login.php
redirects immediately to:
https://www.server.net/earth-line/posecom/login.php

Which accounts for the 404, since there isn't a virtual host that's listening on port 443 with that host header.
So it looks like the problem is going to be on the server side, rather than on the scripting side; they've got to enable SSL on that virtual server.

But if you were to get redirects to work, they wouldn't work, because your code would redirect back to https again.  And then the server would redirect to http...

Do you have a line to the server admins?  I think that's the easiest option in front of you, honestly; it'd be trivial to enable SSL on this virtualhost.  Another option would be to throw together a local apache environment and test it locally.  That's not a lot of fun, but it'd give you control, anyway...
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 33677020
When I have needed to test pages that use "https" on the live servers, I put a line in the php that selects 'http' if it's on my local servers or 'https' otherwise.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

Introduction and Prerequisites This article describes methods for detecting whether a client browser accepts and returns HTTP cookies and whether the client browser runs JavaScript.  Most client browsers will, by default, be configured to use cooki…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now