Something is redirecting my https traffic on all pages to http. I can not find the error in .conf file or .htaccess. Everything I have tried to force https has failed. Something is overriding my efforts and sending everything back to http.
Example: https://www.tjoselfstorage.com/admin
Here is .conf file
<VirtualHost *:80>
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
# staging htpasswd protection
<Directory /var/www/>
SetEnvIfNoCase always_match ^ CARET_ENV=live
Options -Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
# staging htpasswd protection
<Directory /var/www/>
SetEnvIfNoCase always_match ^ CARET_ENV=live
Options -Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/20f8a253809bd7bd.crt
SSLCertificateKeyFile /etc/apache2/ssl/www.tjoselfstorage.com.key
SSLCertificateChainFile /etc/apache2/ssl/gd_bundle-g2-g1.crt
</VirtualHost>
Here is my .htaccess
RewriteEngine on
RewriteCond %{ENV:CARET_ENV} live [NC]
RewriteCond %{HTTP_HOST} !^www.tjoselfstorage.com$ [NC]
RewriteCond %{HTTP_HOST} ((.*).(org|net|com)|(.*).(.*).(org|net|com)|[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}) [NC]
# Remove trailing slashes
RewriteCond %{REQUEST_URI} !^/$
RewriteCond %{REQUEST_FILENAME} !__\^.php
RewriteRule ^(.*)/$ /$1 [R=301,L]
# serve thru caret if the file doesn't exist
RewriteCond %{REQUEST_FILENAME} !-f [OR]
# or if the file does exist but isn't a static resource (CSS, images, JS, etc)
RewriteCond %{REQUEST_FILENAME} !resources
# and make sure we're not already directing to caret (handles additional loops through this htaccess file)
RewriteCond %{REQUEST_FILENAME} !__\^.php
RewriteRule (.*) \__\^.php/$0 [L]
Your PHP Application is:
curl -Ik https://www.tjoselfstorage.com/admin
HTTP/1.1 302 Found
Date: Sun, 14 Jan 2018 04:32:08 GMT
Server: Apache/2.2.20 (Ubuntu)
X-Powered-By: PHP/5.3.6-13ubuntu3.6 <---------------!!! here!!!!
Set-Cookie: PHPSESSID=dsaapjf4cml9fdcblbjf9p9550; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Status-Code: 301
Location: http://www.tjoselfstorage.com/account/login?redirect=%2Fadmin
Vary: Accept-Encoding
Content-Type: text/html
Sidenotes:
<Directory /> points to your ROOT / in your filesystem. You should not use that in virtualhost, but rather in server config and with deny all.
What you certainly want is:
<Directory /path/to/documentroot>
You should not be using .htaccess if you are the admin of the web site. .htaccess is not a rewrites depot, it is a means for non-admin users to configure specific directories, right now you are allowing any .htaccess in your whole filesystem to be read and interpreted by httpd. Quite insecure and slow.
Related
I'm trying to make my website works with a nodejs backend and a websocket server
my website is entirely in https
my node backend is on port 8080 with my websocket server on 8080
I made a virtualhost like that
<VirtualHost *:8080>
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/socket.io [NC]
RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteRule /(.*) ws://localhost:8080/$1 [P,L]
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
</VirtualHost>
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/example.com
ServerName www.example.com
ServerAlias example.com
<Directory /var/www/example.com>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Allow from all
Require all granted
</Directory>
<Directory /var/www/example.com/wp-content>
Options -Indexes +FollowSymLinks +MultiViews
Require all granted
</Directory>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15553000; includeSubDomains; preload"
</IfModule>
ErrorLog /var/log/apache2/error.example.com.log
CustomLog /var/log/apache2/access.example.com.log combined
</VirtualHost>
But when I tried to go on myip:8080 it doesn't work and same for connecting to my websocket
What did I do wrong ?
Enable mod_proxy_wstunnel
Then you should be able to forward only your location to your websocket server.
ProxyPass /wssurl/ ws://127.0.0.1:8080/
Ok after a lot of work. I figured out. I think the problem come with the firewall when I installed my website.
so I have to proxypass everything on my secure connection.
The mod_proxy_wstunnel is not working because when I tried to connect with wss:// so I had to use rewriteEngine.
Here is my final working virtual host
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/example.com
ServerName www.example.com
ServerAlias example.com
<Directory /var/www/example.com>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Allow from all
Require all granted
</Directory>
<Directory /var/www/example.com/wp-content>
Options -Indexes +FollowSymLinks +MultiViews
Require all granted
</Directory>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15553000; includeSubDomains; preload"
</IfModule>
ErrorLog /var/log/apache2/error.example.com.log
CustomLog /var/log/apache2/access.example.com.log combined
ProxyRequests On
ProxyPreserveHost On
ProxyPass /api/test http://localhost:8080
ProxyPassReverse /api/test http://localhost:8080
RewriteEngine On
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule ^/?(.*) "ws://localhost:8080/$1" [P,L]
</VirtualHost>
I changed the context url from:
domain.name/url1 to domain.name/url2
I want to have a 301 redirect of all URLs from
domain.name/url1/* to the static file domain.name/url2/moved.html and show a static maintenance page
The rewrite rules should not take into account any other URLs except domain.name/url1/* for this redirect
url1 and url2 are subfolders in the apache directory /var/www/home/
The apache configuration is:
Listen 9082
<VirtualHost *:9082>
ServerName domain.name
DocumentRoot "/var/www/home"
<Directory />
Require all denied
</Directory>
<Directory "/var/www/home">
Require all granted
RewriteEngine on
AllowOverride all
</Directory>
<IfModule dir_module>
DirectoryIndex index.html index.htm index.php
</IfModule>
</VirtualHost>
You may try this code in your url1/.htaccess:
DirectoryIndex index.html
RewriteEngine On
RewriteRule ^index\.html$ - [NC,L]
RewriteRule . /url1/ [L,R=301]
I have deployed a server apache in ubuntu 16.04 which is devided in some virtual hosts.
I want to get rid of index.php in the url but I cant get my htaccess to work I will be deeply great-full for any help I can receive. I prefer to solve the problem in htaccess and not in apache itself because there are also other configurations I need to include in htaccess
Conf file
<VirtualHost *:80>
<Directory var/www/cartwebs.com/public_html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ServerAdmin iosef#cartwebs.com
ServerName cartwebs.com
ServerAlias www.cartwebs.com
DocumentRoot /var/www/cartwebs.com/public_html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
#RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [QSA,L]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.cartwebs.com/$1 [L,R=301]
</IfModule>
When I go to my website like this :
example.com/ or
example.com/app_dev.php
That works fine.
But when I try to go to a different route like
example.com/api/route/option
I got an error 404, however when I go to
example.com/app_dev.php/api/route/option
That is working fine.
This is my .htaccess
<IfModule mod_rewrite.c>
Options +FollowSymlinks
RewriteEngine On
RewriteRule ^app_dev.php - [L]
RewriteRule ^app.php - [L]
RewriteCond %{REQUEST_FILENAME} !-f
#RewriteRule ^(.*)$ app.php [QSA,L]
RewriteRule ^(.*)$ app_dev.php [QSA,L]
</IfModule>
And this is my virtualhost
<VirtualHost *:80>
ServerName example.com
ServerAdmin my_mail
DocumentRoot /var/www/html/example/web/
DirectoryIndex app_dev.php
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride All
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Got an idea ?
Thanks !
Your virtual host file doesnt enable overrides meaning your .htaccess file isnting being read. Try adding this to your virtual host file:
<Directory /var/www/html/example/web/>
AllowOverride None
Order Allow,Deny
Allow from All
</Directory>
You may also want to look into other setup options as documented here: http://symfony.com/doc/current/setup/web_server_configuration.html
I have the following code:
# Rewrite to www
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^salom.dev[nc]
RewriteRule ^(.*)$ http://www.salom.dev/$1 [r=301,nc]
# 301 Redirect Entire Directory
RedirectMatch 301 /admin(.*) /vendor/aheinze/cockpit/$1
# Change default directory page
DirectoryIndex /site
# Prevent viewing of .htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>
# Prevent directory listings
Options All -Indexes
I keep getting 500 errors but I can't find the problem any ideas?
Here is the conf file:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName salom.dev
DocumentRoot /home/otis/Developer/salom
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /home/otis/Developer/salom/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Also is there a way to debug these errors using the dev tools or potentially the logs?
DirectoryIndex is a file not a directory and you have a missing space before `[nc].
Try this .htaccess:
# Change default directory page
# DirectoryIndex /site
# Rewrite to www
Options +FollowSymLinks -Indexes
RewriteEngine on
RewriteCond %{HTTP_HOST} ^salom\.dev$ [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
# 301 Redirect Entire Directory
RewriteRule ^admin(.*) /vendor/aheinze/cockpit/$1 [L,NC,R=301]
# Prevent viewing of .htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>