I am struggling with mod_rewrite htaccess for at least couple of days, and still cannot figure this out.
I want to force HTTPS SSL on my site, but only from outside of the network.
I have something like this:
RewriteCond %{REMOTE_ADDR} !^192\.168\.1\.30
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.mysite.com/$1 [R,L]
My local IP is 192.168.1.30 and it keeps correcting my adress to https://www.mysite.com.
In one condition it allows me to connect locally to my server. When I type https://192.168.1.10 (my local server adress). But it keeps throwing me SSL caution which cannot be kept this way.
When I type http://192.168.1.10 it redirects me to https://www.mysite.com
How to make it leave my ip alone from all the redirects?
For my logic, it should not redirect me no matter what if my REMOTE_ADDR is 192.168.1.30.
Can you try this rule:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !^(192\.168\.|127\.0\.0\.1)
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
I do not think you need Rewrite rules at all. Since HTTP listens on port 80 and HTTPS on port 443, you can have three different VirtualHosts.
First one to listen on port 80 and binds to your private ip address.
Second to listen on port 80 but all it does in 301 redirect to the https url
The last one to listen on port 443 (the HTTPS)
However, you may have to move this logic from htaccess file to your .conf file.
Since apache starts finding the matching VirtualHost in the order they are defined in the .conf file (http.conf or apache.conf as the case may be), the ordering is very important.
Related
Is it better this code:
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
or this one:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
or this one:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.domain.ltd/$1 [R,L]
I tryed all of them, they work, and I couldn't notice any noticeable difference in site loading time. Despite this, I would like to understand what they do exactly on the 2nd line.
Ultimately, it depends on your setup.
In the first example, you are checking for the protocol based on the X-Forwarded-Proto header. As you can see, this is set by the proxy or load balancer sitting in front of your server so, if you don't have one, this header might be blank, even if the client initiated a secure connection and you'd still perform the redirect.
The second one is a variable set directly by the web server based on what connection it received, but it's dependent on mod_ssl so it might not be available.
The last one it just checks the port, there's no additional information on the protocol used, it's up to you to figure it out if you are running apache in non-standard ports.
I have an ec2 instance with my website files properly installed using apache2 as the web server. The ec2 is configured to receive http traffic on port 80 only from the elb (pretty sure about this but not 100%). The elb has an https listener (port 443) and an http listener (port 80). The elb sends traffic to the ec2 instance after decrypting the data according to the aws docs. My issue is that I cannot figure out how to redirect all traffic to the load balancer that is http to https.
I tried using this rewrite rule in both the virtual host for the site and the apache2.conf, but it isn't having any kind of effect (no errors either).
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI}
The entire virtual host looks like this (located in /etc/apache2/sites-available/SewaneeEats.conf):
ServerName classicloadbalancer-1929710381.us-east-1.elb.amazonaws.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html/SewaneeEats/public
<Directory /var/www/html/SewaneeEats>
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI}
AllowOverride All
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
I can confirm also that module rewrite is enabled.
So when I type in the url sewaneeeats.com (these links are live if you need to check them out), it will still be sewaneeeats.com (with no ssl whatsoever) rather than redirecting. I know the ssl is working on https://www.sewaneeeats.com. On https://sewaneeeats.com I get a broken ssl red symbol in the url bar on chrome. I think the reason it is broken on the https://sewaneeeats.com url is because the cert is registered for www subdomain, but I am not sure. The domain is configured using aws's route 53 console, so I can give info on that if it would be helpful.
Any help would be really appreciated because I have been trying to figure this out for about a 12 hours or so. Would have posted this on serverfault.com, but I couldn't because I can only have 2 links for a question when I am under 10 rep.
I usually use the following rule to redirect all traffic to https:
RewriteCond %{HTTPS} =off
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
Also, no need to place the rewrite rules between directives if you want to apply the rules globally for the vhost.
I have added SSL certificate to my website and check Use SSL to 'Yes' then after,I hit my website but its not moving to https.
If you have SSL certificate installed and you do not see the https:// you can simply force your application from http:// to https:// simply by copy/paste the following code in your .htaccess file:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]
I'm using AltoRouter: (http://altorouter.com/) and I modified .htaccess as suggested in the instalation to:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule . index.php [L]
This is so that index.php can handle all the requests. My problem is that I am using addon domains in cpanel and I am having internal server errors when I try to access one of the domains associated with the addon domain.
Example:
My main domain is mainsite.com.
Then I have several sites:
site1.com that cpanel automatically associates with site1.mainsite.com and creates a folder mainsite.com/site1.com. So if I access site1.com I would see in browser site1.com but the content delivered would be the one inside the mainsite.com/site.com folder.
This works if I don't use the .htaccess rule but I need it for routing. If I have that rule I get internal server errors everytime I access site1.com (I assume that it's a conflict between cpanel rules and .htaccess).
How can I modify the rule so that it only affects maindomain and not subdomains? I am assuming that by doing this there would be no conflict and my problem would be solved.
I am really bad at .htaccess and regex but I am willing to learn if needed. I would still appreciate if you could point me to the right direction. (both in the idea and in good websites that can help me understanding this)
How can I modify the rule so that it only affects maindomain and not subdomains?
You can add a new condition based on host name:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(?:www\.)?mainsite\.com$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule . index.php [L]
#Redirect non-www to www
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule (.*) http://www.%{HTTP_HOST}/$1 [R=301,L]
Currently I have this piece of code, and it works when I put it on my webhost online. But the thing is, I use my localhost (own pc) for development of the website before I put it online. So when I use it on my local host, the url goes to www.localhost and this unables me to reach my own website on my local host.
Is there any way, perhaps some type of if-statement that only put that piece of code to work when I actually put it online on a webhost and not when I have it on my local host.
Yes, there is an if-statement in htaccess. Take a look here:
http://httpd.apache.org/docs/trunk/mod/core.html#if
You can also see this:
HTACCESS RewriteCond without messing up localhost
RewriteCond %{HTTP_HOST} \.
As mentioned there, this should work for localhost check.