I have my site at a host and my domain with a registrar. I have a subdomain pointed to my hosted site via an A record.
From the beginning. I am using cloudways hosting. I set up my site. (A wordpress site.) I then went to my registrar and set up an A record to point to my site. It worked. The A record was simply sub.example.c om. I then tested that url and it worked. So I made a second A record for www.sub.example.c om so I could be able to get to my site with or without www. The www worked. So far so good.
Since I had everything working I decided to set up my SSL. CloudWays has Let's Encrypt integration. So ithas the option to set it up for you. I set it up and went to https://sub.example.com. It worked. I then went to https://www.sub.example.com. and got a certificate error. I didn't think about it when I set up the cert, but I used sub.example.com. So it makes sense the site only works without the www.
Since Let's Encrypt doesn't do wildcard certs I need a work around. Is there a way I can forward https://www.mysub to https://mysub? using mod rewrite? Or any other way?
No idea what pedrofb was talking about. You're clearly talking about a single sub domain. Not the top level domain. So ignore the thing about another SSL cert. And I'm sorry for the misdirected anger causing you downvotes. You'd think this community would be more willing to help. The fact that you're being downvoted means your missing something which should simply be explained kindly.
You're close. If you go to iconfinder .com and look at their cert it is a wild card cert. Which is why there is no certificate error at h ttps://www.iconfinder You'll also notice when you go to www.iconfinder you get https and when you go to iconfinder alone you get https. Their cert covers both h ttps://iconfinder and h ttps://www.iconfinder
Yours does not.
Go to letsencrypt. org. Notice how their url always shows h ttps://letsencrypt. org? No go directly to h ttps://www.letsencrypt.org. You get a server error. So what is happening to you is happening to them. That shows there is a limitation with their not being a wildcard cert.
Now you wanted to know if you could forward. Go to www.letsencrypt.org. It takes you right back to https://letsencrypt.org. Now go to letsencrypt.org. It takes you right back to https://letsencrypt.org.
So as you can see you can forward. So to accomplish what you want to do. Below is how to do it.
RewriteEngine on
RewriteCond %{HTTP_HOST} ^mysub.example.com [NC]
RewriteCond %{HTTP_HOST} ^www.mysub.example.com [NC]
RewriteRule ^(.*)$ https://mysub.example.com/$1 [L,R=301,NC]
Related
I run a service where I offer css files and scripts and images for a third party website www.myfantasyleague.com that is a football hosting service for fantasy football and recently they have went through some changes over the last couple of years.
I am trying to block certain websites on their servers that are using my work fraudulently, while allowing the folks whom purchase my work on the same domain to be able to use my work and it not be blocked by the HTA file. Once you create a football site MFL gives it a permanent server number and 5-digit code that never changes now from each year it stays the same. Here is a link to a MFL search for the word football, and you can see there are many sites and if you click on a few they all have different 5 digit IDs and some have different server ID’s.
The site I want to start with to block, would be this site url below, and the MFL domain has an option to have http and https now, so getting both protocols would be idea.
SITE TO BLOCK EXAMPLE
https://www67.myfantasyleague.com/2019/home/63928#0
SITE TO ALLOW EXAMPLE
http://www51.myfantasyleague.com/2019/home/46087#0
On myfantasyleague domains they give each site its own 5-digit unique code at the end of the url, and also many are on different server id’s, like the www67 and the www51, and you see those 2 links one is https and one is http.
In the past I use to use this code below and it will still work today, however once I add it to my root access file, it takes out both sites and I can’t have that, as I want to be able to control which sites are blocked by the server number and the 5-digit league ID if possible.
CODE THAT I TRIED THAT WORKED BUT KILLS ALL SITES FROM THAT DOMAIN NAME.
RewriteEngine On
RewriteCond %{HTTP_REFERER} https?://(www\.)?www(67).myfantasyleague.com.+(63928) [NC,OR]
RewriteRule .*\.(jpe?g|gif|bmp|png|js|css)$ [L]
Maybe i can turn that URL to be blocked into the actual IP and try blocking the IP?
I don't know what else to try and it might not even be possible i dont know. I appreciate any and all feedback.
Thank you
Though the pattern you posted certainly can be improved there is no reason why it should "block" all referrers from that host, if those sites send a referrer header at all ... Keep in mind that such header is optional and can be modified easily, so anyone can work around limitations you implement based on that header.
Blocking an IP on the other hand means you block all services from that host which is not what you want, as I understand. The numerical addition to the "www" prefix indicates that the service operator uses sharding to balance request load, an old and outdated approach. You can expect that to change any time, either for individual sites or in general, so better not rely on it. You are only interested in the numerical ID at the end of the referring URL.
Your issue with that approach you posted however is the actual rewriting rule: it is syntactically invalid. So I would expect it to raise an internal error, thus blocking all requests. I would suggest something like this instead:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !/63928$ [OR]
RewriteCond %{HTTP_REFERER} !/63927$ [OR]
RewriteCond %{HTTP_REFERER} !/63926$
RewriteRule ^ [F,NC]
This would actively white list specific sites by mentioning their numerical ID and block all other requests by sending out a "Forbidden" header.
Please note that I have not actually tested above code, it might contain some minor glitch which you might have to fix. For such things it is important to have access to the http servers error log file. Not sure if you have it in your situation...
Over the course of the last year a site I maintain with a payment gateway has stopped taking payments or collecting any user information. Seeing an opportunity to save a few bucks, we let the SSL certificate lapse.
The problem I am facing now is that Google and other sites have linked to the https version of my site. Whenever any of these links are visited you, rightly, get a security warning.
I added the following to my .htaccess:
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}
But I'm still hitting the warning page every time I visit the site via an https link.
How can I get around this? In my head, for it to be failing the .htaccess file is being read after you visit the site, but Chrome is blocking the page before that stage – is that correct? If not, it may just be that I have a typo in my htaccess file.
Any kind of redirection is done after the TLS handshake, this means you get the warnings before the browser even gets the information that it should redirect.
And to anticipate a typical follow-up question: fiddling with DNS (i.e. CNAME etc) will not help either.
That means that you either accept the warnings about the broken certificate or you get a new certificate for your site.
We have our site setup and would like to have a secure members area. (e.g.: https://www.abc.com/members/).
Our host provides us an SSL URL to use for free though it isn't very pretty (www1234.sslurl.com/abc/members/).
Is it possible to use https://www1234.sslurl.com/abc/members/ and rewrite the URL to read as https://www.abc.com/members? If so, I'd appreciate some help with the rule to do this.
Note: This is NOT for a shopping cart and we aren't storing credit cards, or social security numbers or anything sensitive like that. We just want to provide users with a secure browser connection when logging in. Is rewriting the URL unethical?
Added details since someone voted to close my question though I'm not sure why. This is a valid question and is tagged appropriately.
================== SOME CODE I'VE BEGUN WORKING WITH==================
RewriteCond %{HTTP_HOST} abc.com
RewriteCond %{REQUEST_URI} !abc/
RewriteRule ^(.*)$ abc/$1 [L]
Does this look right?
Even if there was a way to do this (and I don't believe that you Apache supports such a redirect), the browser would likely complain anyway. Typically SSL certificates only work for domain.com and www.domain.com. If you try to access that certificate using a different URL, your browser will give an error about the certificate not being trusted.
First, I have already spent the past few hours trying to find a solution for this, but have had nothing but non-working solutions :(
It's pretty simple - I'm pointing the DNS of a new domain to my current hosting, but when I visit the new domain, I'm just viewing my original site (the one i got with my hosting).
Let's say my original site is "www.originalsite.com" - the content for my new domain is at "www.originalsite.com/newsite.com/" (dots included).
Now I just need to get "www.newsite.com" to re-direct to it's own directory AND re-write itself to hide the directory name.
So yeah, "www.newsite.com" needs to use the content in "www.originalsite.com/newsite.com/", but remain displayed as "www.newsite.com" in the URL bar.
Cheers for any input - really appreciated :)
PS: I'm using ColdFusion and previously made a useful re-direction, but the result was typically "www.netsite.com/newsite.com/" - which is not what I want :)
Oh...and yeah, I'm hoping for an .htaccess fix :) thanks!
If you have full control over the server, a VirtualHost in httpd.conf is probably a better solution. For example:
<VirtualHost newdomain.com:80>
ServerName newdomain.com
ServerAlias www.newdomain.com
DocumentRoot /path/to/webroot/newsite.com
</VirtualHost>
If you don't have the ability to do this directly, any good host will provide a "Park Domain" function which allows you to achieve the same effect - specifying your new domain and identifying which directory you want it to point to - via the web control panel.
However, if you don't have the ability to do that, here's a mod_rewrite for .htaccess that should work:
RewriteEngine On
RewriteCond %{REMOTE_HOST} (www\.)?newdomain\.com
RewriteRule ^(.*)$ /newdomain.com/$1 [L]
CrystalTech have just recentely installed a mod that provides htaccess ...
Though they've only done it one server so far :) so I'm being moved onto that server.
Problem solved I guess - heh!
PS thanks for the help anyway guys :)
You could do the redirect with a "cloaked" frame page.
That way the URL in the browser's address bar stays the same (no extra path), and it remains simple to use the subdirectory.
The following link describes this for classic ASP - but it should be simple to convert to any server side scripting language/platform:
http://www.simpledns.com/kb.aspx?kbid=1151
I have a website say domain.old hosted with say 'host-old'
I want to do away with 'host-old' and go with 'host-new'
(so effectively 'host-old' hosting would end)
Also I want a new domain - say 'domain.new'
So now I have 'domain.old' , 'domain.new' and 'host-new' with me
Now I want all my old links are preserved:
viz. http://domain.old/cat1/link1/page1/
redirects to http://domain.new/cat1/link1/page1/
Now please advice what would be the best way to go to set up with the new host.
This is a multi-step process:
Create all the pages at 'host-new' so that 'http://domain.new/cat1/link1/page1/' all work.
Enable mod_rewrite in Apache on 'host-new', and configure as below.
Change the dns entries for 'domain.old' to point to 'host.new'
wait 2-3 days for dns entries to propagate to remainder of the internet.
stop hosting at 'host-old'
The mod_rewrite config you need is:
LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain.old$
RewriteRule ^(.*)$ http://domain.new/$1 [NE,R=301,L]
i don't know exactly how this would work but you could parse the URL from the old site and redirect to your new host. You need a common script in your domain.old masterpage that does this for you.
The question would be easier to answer if you specified your platform. If you are on Apache, I'd take a look at mod_rewrite
You'll probably want to provide a 301 (moved permanently) http response.
When you get rid of the old domain, you can't control it any more, and therefore won't get traffic from it. You should transfer the old domain to your new host (not too hard), and then have a redirector running on it - the way other answers suggest.