Solved

How RewriteEngine works in Apache web server?

Posted on 2014-11-07
12
143 Views
Last Modified: 2014-11-15
I have following in my httpd.conf file in a web server

<VirtualHost *:80>
#stand-alone instances
include conf/my_application.conf
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L,NE]
</VirtualHost>

Open in new window


I would like to understand what it does?
0
Comment
Question by:beer9
  • 4
  • 4
  • 4
12 Comments
 
LVL 50

Expert Comment

by:Steve Bink
ID: 40429925
See my comments:
# Declare a virtual host answering to any domain name on port 80<VirtualHost *:80>
#stand-alone instances
# include the file conf/my_application.conf.  Any directives found in that file will apply to this 
# scope as if they were written here individually
include conf/my_application.conf
# Turn on the rewrite engine
RewriteEngine On
# The next three directives make up a single rewrite
# the RewriteRule is matched first.  If it is matched, the two RewriteCond directives are
# tested.  If the conditions pass, the request is finally rewritten
#
# the request is on port 80 
RewriteCond %{SERVER_PORT} 80
# the requested host is not an empty string
RewriteCond %{HTTP_HOST} !^$
# for every request, capture the entire content of the request string
# and forward to the requested host with the same request string
# the forward is done as a 301 redirect, with no URL escaping of the
# string, and this will be the last rewrite processed
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L,NE]
# end the virtual host definition
</VirtualHost>

Open in new window


Note that this rewrite does nothing useful, and will likely result in an endless redirection loop.

You can read more about rewrites in the Apache docs.
0
 

Author Comment

by:beer9
ID: 40429957
Thanks for the help Steve,

On Line number 9 you mention RewriteRule is matched first but we have declared 2 RewriteCond first then 1 RewriteRule.

Also we we are starting rewrite engine with 'RewriteEngine On' and now how are are stopping it?

Could you please give a example URL and help me to understand how it flows in such rule? Thanks :-)
0
 
LVL 61

Expert Comment

by:gheist
ID: 40430005
RewriteEngine stops where section (Like VirtualHost) ends.

Since your rewrite rule runs on http host checking for port 80 is moot. You can as well replace all rewrite rules with one line
Redirect / https://site_name_.com/
0
 
LVL 50

Expert Comment

by:Steve Bink
ID: 40430356
>>> you mention RewriteRule is matched first but we have declared 2 RewriteCond first then 1 RewriteRule.

That is correct.  Take a look at mod_rewrite's flow diagram.  Note that the rule's pattern is matched, then conditions are processed, then the rewrite is applied.

>>> we are starting rewrite engine with 'RewriteEngine On' and now how are are stopping it?

That question is a little ambiguous.  The RewriteEngine directive simply tells mod_rewrite to process any rules within this scope.  You can also use "RewriteEngine Off" to force mod_rewrite to ignore any rules.  If mod_rewrite is processing rules, i.e., "RewriteEngine On", the every rule in the request's scope is applied to each request.  The application of rules ends when one of the following conditions is met:
there are no more rules,
the request is redirected externally, either on a successful rule application with a [R] modifier, or a redirect to an external URL,
a rule with the [L] or [END] modifiers are successfullt applied

Also, as gheist mentioned, the ruleset you posted is really just a return to the current request.  I was incorrect in my earlier assertion that it would result in a redirect loop...the rule is redirecting to the https version of the same request.  This rule enforces https on all requests:

1) Apache receives the request for http://mydomain.com/page.htm
2) mod_rewrite matches "/page.htm" to the rule's ^(.*)$ pattern
3) mod_rewrite passes the condition %{SERVER_PORT} = 80
4) mod_rewrite passes the condition %{HTTP_HOST} != <blank string>
5) mod_rewrite redirects the request to https://mydomain.com/page.htm with a 301.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40430907
2) would match any request
3) would match all requests on that virtual host
4) will be always true again on the virtualhost context
5) Actually rewrite effectively in this place is
Redirect perm / https://%{HTTP_HOST}/

Sure it is nice to dig some config snipplets on the internet, but what is the value of them that you do 3 NOOP checks?
0
 

Author Comment

by:beer9
ID: 40430931
So when I access http://client.myapplication.com then I see it redirects to the address bar as https://client.myapplication.com/myapplication then again it redirects as https://client.myapplication.com/myapplication/web/login

All of this is happening due to below config?

# Declare a virtual host answering to any domain name on port 80<VirtualHost *:80>
#stand-alone instances
# include the file conf/my_application.conf.  Any directives found in that file will apply to this 
# scope as if they were written here individually
include conf/my_application.conf
# Turn on the rewrite engine
RewriteEngine On
# The next three directives make up a single rewrite
# the RewriteRule is matched first.  If it is matched, the two RewriteCond directives are
# tested.  If the conditions pass, the request is finally rewritten
#
# the request is on port 80 
RewriteCond %{SERVER_PORT} 80
# the requested host is not an empty string
RewriteCond %{HTTP_HOST} !^$
# for every request, capture the entire content of the request string
# and forward to the requested host with the same request string
# the forward is done as a 301 redirect, with no URL escaping of the
# string, and this will be the last rewrite processed
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L,NE]
# end the virtual host definition
</VirtualHost>

Open in new window

0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 

Author Comment

by:beer9
ID: 40430934
Steve, How apache checks if 'URI changed' as mentioned in your below diagram: http://httpd.apache.org/docs/current/rewrite/tech.html#InternalRuleset

Thanks for helping
0
 
LVL 61

Expert Comment

by:gheist
ID: 40431078
Can you post output of httpd -V ?
You refer to the documentation of development version of apache. That document is not relevant for any usable version of apache of today.
0
 
LVL 50

Expert Comment

by:Steve Bink
ID: 40431362
@gheist
>>> You refer to the documentation of development version of apache.

That document is for Apache 2.4, which is the most up-to-date production version of Apache.  The Apache 2.2 version of the same document shows the same overall flow, but with a little less detail.

All of my links are pointing to v2.4 documentation.  To see the v2.2 equivalent page, change the word "current" to "2.2" in the respective link.


@beer9
>>> How apache checks if 'URI changed' as mentioned in your below diagram

You would have to check the source code for Apache or mod_rewrite to be sure, but I imagine it is a simple string comparison.  The URI is generally changed if a rewrite is successfully applied.  The final branch of that decision making simply determines if:

a) no rewrites were done, in which case, serve the originally requested resource,
b) a rewrite was successful, and the new URI points to a resource on the same server.  In this case, re-submit the new URI into Apache's request chain,
c) a rewrite was successful, and the new URI points to an external location.  In this case, Apache returns a 3xx response to the client telling them to go elsewhere.
0
 

Author Comment

by:beer9
ID: 40434944
Thanks for the help :-)

Does rewrite and redirect add any HTTP header to request/reponse? (like X-Forwarded-For) ??
0
 
LVL 50

Accepted Solution

by:
Steve Bink earned 500 total points
ID: 40435395
Different headers may be sent in the response based on the circumstances of the rewrite.  For example, if you use the [R=xxx] modifier, then the response will include the "xxx" response code to the client.  In the case of internal rewrites, no headers are changed are added.  There's also the [P] modifier, which makes Apache/mod_rewrite generate a proxy request to the target URL.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40435591
No it adds just 301/302 with target address, resulting request to new place  has referer of redirect page.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

937 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

1 Experts available now in Live!

Get 1:1 Help Now