I am trying to redirect http trafic from http to https on ec2 behind a network load balancer using htaccess
# aws rule for http to https
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule .* https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
Above code does not work because network loadbalancer does not add x-forwarded header.
Related
I have configured virtualhost as below
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule .* https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
I require to exclude redirecting HTTP to HTTPS request for my local network/subnet ie. (172.16.0.0/16)
I am using GCP HTTP loadbalancer.
Can somebody help me to resolve this issue.
Thanks
GCP launched http to https redirection at the load balancer so you don't need to configure rewrite rule on apache anymore, with this said, you can access backends either directly from your local Nerwork or you can separately have an internal http load balancer on http to access it from local network and external for external users.
I have the htaccess rewrite rule:
RewriteCond %{HTTP_HOST}: ^(?:www\.)?samplesite\.net
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
on two azure vm running IIS.
I have an application gateway sitting in front that has a backend Https pool with the server certs of the two azure vms.
I have a multi-site https listener on the gateway listening for https traffic to the gateway with the specific URI www.samplesite.net.
There is an attached rule that uses the backendHttps pool.
The VMs host multiple sites and I only want to redirect HTTP to HTTPS for this one site. I have the private key for www.samplesite.net on Azure gateway for the listener.
If I point directly at any VM I am successfully redirected to HTTPS. If I point at the gateway I receive a too many redirect error.
If I do not rewrite on the server I can go directly to HTTPS or HTTP with no issue via the gateway.
Why am I getting this redirect if I have end to end encryption?
Edit:
In relation to using gateway rules to redirect traffic:
Rules are processed in the order they are listed, and traffic is
directed using the first rule that matches regardless of specificity.
For example, if you have a rule using a basic listener and a rule
using a multi-site listener both on the same port, the rule with the
multi-site listener must be listed before the rule with the basic
listener in order for the multi-site rule to function as expected.
Edit2:
If anyone is interested I had to do this:
RewriteCond %{HTTP_HOST}: ^(?:www\.)?samplesite\.net
RewriteCond %{HTTP_X_FORWARDED_PROTO} ^http$
RewriteRule ^(.*)$ https://www.samplesite.net%{REQUEST_URI} [L,R=302]
I had to check the header forwarded from the gateway
> RewriteCond %{HTTP_HOST}: ^(?:www\.)?samplesite\.net
> RewriteCond %{HTTP_X_FORWARDED_PROTO} ^http$
> RewriteRule ^(.*)$ https://www.samplesite.net%{REQUEST_URI} [L,R=302]
https://www.helicontech.com/isapi_rewrite/doc/examples.htm
https://stackoverflow.com/a/41512717/7889282
https://sitecoreblog.marklowe.ch/2017/01/using-ip-geolocation-and-ssl-on-azure/
I am using AWS Elastic Beanstalk to host my website with Load Balancer over some EC2 instances.
I am using OctoberCMS (a flavour of laravel as a framework)
I have setup SSL Certificate over my ELB via AWS Certificate Manager and all is working fine.
But there is a problem.
I want to redirect HTTP to HTTPS.
According to AWS, I got a small .htaccess snippet to do the job:
Redirect to HTTPS
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule . https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
However, when a user gets to http://mywebsitesite.com it takes them to https://mywebsitesite.com/index.php hence they start browsing in the manner of https://mywebsitesite.com/index.php/someresource.
Also if you go to http://mywebsitesite.com/someresource, you are redirected back to https://mywebsitesite.com/index.php.
This is not a good experience and I know someone must have encountered this before and is able to redirect to resource properly and remove the index.php
My ELB listener is configured by default to 80 --> 80 and 443 --> 80
Note: I am not encountering a redirect loop.
I'll preface this answer with saying that this is code from the Tomcat Elastic Beanstalk but I believe that it should still work.
I had in my configuration code file:
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R,L]
This was part of a .ebextensions file that configured the Apache proxy which, in my case, was in front of Tomcat.
You can add the following line in .htaccess to hide the index.php from the url after the redirect configuration.
RewriteRule ^(.*)$ /index.php?/$1 [L]
Got a vServer and plesk installed on it (Apache backend, Nginx reverse proxy), plesk is listening on port 8443.
I use the hostname as a domain for easier accesss and SSL certificate domain. So I would like to redirect ALL traffic to specific one:
What I got so far is this rule
return 301 https://www.DOMAIN.com:8443/;
which leads everything to the Plesk Panel URL but if someone is using this
https://DOMAIN.com:8443
he won't be redirected to
https://www.DOMAIN.com:8443
and the SSL certificate won't work (domain based). How can I force every traffic (http and https with the ports 80 and 8443) to
https://www.DOMAIN.com:8443
Thanks in advance
You could HTACCESS to do it:
The Code
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI}:8443 [R=301,L]
What this does is check if the user is trying to access the site without using www and if so redirect to www on the specific port that you wanted.
If you already have your port 80 traffic redirecting to port 8443 and you just want to redirect the rule for www, what I have listed above will work. You can also have mod rewrite redirect based on the port used.
It would look like this:
The Code
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.
RewriteCond %{SERVER_PORT} ^80$
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI}:8443 [R=301,L]
You would just need to make sure that each virtual host you are using has the mod rewrite rule in place. You might have to create a virtual host for the extra ports you want to use. The only thing these virtual hosts would have is the redirect rule. Otherwise you might get 404 errors.
I have a few servers behind a Load Balancer running Apache with PHP we're finding that people can't hold an SSL session. You can access any page on the site using https by adding https:// to the URL but when you click a link even though that link will show https you get redirected back to a standard http page.
On the Load Balancer listener page I have it set up as:
HTTP 80 to HTTP 80
TCP (SSL) 443 to TCP 80
I've tried non-TCP and using https and I've tried 443 to 443 but that throws a Server 503 error (server overload). I've added a *:443 VirtualHost on the servers but that didn't work.
I also even tried a:
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} ^mydomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule (.*) https://www.mydomain.com/$1 [R=301,L]
as an .htaccess rule. But users are still being redirected back to HTTP when navigating.
Any ideas?
I would guess the right track is having HTTPS 443 to HTTP 80, not TCP. Can you provide more details about what happens when you configure it this way?