Using mod_rewrite to redirect HTTP to HTTPS

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Using mod_rewrite to redirect HTTP to HTTPS

Mike Ealy-2
I realize this may not be the place to ask this question, but I'm not having
any luck elsewhere and I know there are some regular expression masters on
this list. I need some help configuring mod_rewrite in Apache. Specifically,
I need help working with RewriteCond, RewriteRule, and regular expressions.
I recently set up an SSL certificate and made changes to the .conf files to
redirect users from HTTP to HTTPS.

This bit of code in myvhosts.conf handles the redirect. All pages are now
served securely regardless of the URL.

<VirtualHost *:80>
    ServerName MYSITE1.com
    ServerAlias www.MYSITE1.com
    Redirect permanent / https://www.MYSITE1.com/
</VirtualHost>

The problem is if the URL includes parameters or an attached query string,
they don't get attached to the redirect. I'm thinking a properly written
RewriteCond/RewriteRule can handle this better than using Redirect
permanent.

This bit of code was added to httpd-ssl.conf when I configured the SSL
certificate.

##
## SSL Virtual Host Context
##
<VirtualHost _default_:443>

#  General setup for the virtual host
DocumentRoot /Library/WebServer/Documents/www.MYSITE1.com
ServerName www.MYSITE1.com:443
ServerAdmin [hidden email]
ErrorLog "/private/var/log/apache2/www.MYSITE1.com_error_log"
TransferLog "/private/var/log/apache2/www.MYSITE1.com_access_log"


Here's the setup in myvhosts.conf after I installed the SSL certificate.
(The commented portion was uncommented before I installed the certificate.)

#<VirtualHost *:80>
#    DocumentRoot /Library/WebServer/Documents/www.MYSITE1.com
#    ServerName www.MYSITE1.com
#    ServerAlias MYSITE1.com
#    ErrorLog /private/var/log/apache2/www.MYSITE1.com_error_log
#    CustomLog /private/var/log/apache2/www.MYSITE1.com_access_log common
#
#    RewriteEngine On
#    RewriteOptions inherit
#
#    RewriteCond %{HTTP_HOST} !^www\.MYSITE1\.com$
#    RewriteRule (.*) <a href="http://www.MYSITE1.com%">http://www.MYSITE1.com%{REQUEST_URI} [L,NS,R=301]
#</VirtualHost>

<VirtualHost *:80>
    ServerName MYSITE1.com
    ServerAlias www.MYSITE1.com
    Redirect permanent / https://www.MYSITE1.com/
</VirtualHost>


What changes need to be made to assure all requests are served securely
while maintaining any parameters or attached query strings?

I would really appreciate any help you guys could provide.

Thanks,
Mike Ealy



#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Using mod_rewrite to redirect HTTP to HTTPS

French, Shelane
This is what we have on our server:

 <IfModule mod_rewrite.c>
       RewriteEngine On
       RewriteCond %{HTTP:HTTPS} !^on$
       RewriteRule ^.*$ <a href="https://www.mysite.com%">https://www.mysite.com%{REQUEST_URI} [L,R]



On 9/23/18, 6:53 AM, "[hidden email] on behalf of Mike
Ealy" <[hidden email] on behalf of
[hidden email]> wrote:

>I realize this may not be the place to ask this question, but I'm not
>having
>any luck elsewhere and I know there are some regular expression masters on
>this list. I need some help configuring mod_rewrite in Apache.
>Specifically,
>I need help working with RewriteCond, RewriteRule, and regular
>expressions.
>I recently set up an SSL certificate and made changes to the .conf files
>to
>redirect users from HTTP to HTTPS.
>
>This bit of code in myvhosts.conf handles the redirect. All pages are now
>served securely regardless of the URL.
>
><VirtualHost *:80>
>    ServerName MYSITE1.com
>    ServerAlias www.MYSITE1.com
>    Redirect permanent / https://www.MYSITE1.com/
></VirtualHost>
>
>The problem is if the URL includes parameters or an attached query string,
>they don't get attached to the redirect. I'm thinking a properly written
>RewriteCond/RewriteRule can handle this better than using Redirect
>permanent.
>
>This bit of code was added to httpd-ssl.conf when I configured the SSL
>certificate.
>
>##
>## SSL Virtual Host Context
>##
><VirtualHost _default_:443>
>
>#  General setup for the virtual host
>DocumentRoot /Library/WebServer/Documents/www.MYSITE1.com
>ServerName www.MYSITE1.com:443
>ServerAdmin [hidden email]
>ErrorLog "/private/var/log/apache2/www.MYSITE1.com_error_log"
>TransferLog "/private/var/log/apache2/www.MYSITE1.com_access_log"
>
>
>Here's the setup in myvhosts.conf after I installed the SSL certificate.
>(The commented portion was uncommented before I installed the
>certificate.)
>
>#<VirtualHost *:80>
>#    DocumentRoot /Library/WebServer/Documents/www.MYSITE1.com
>#    ServerName www.MYSITE1.com
>#    ServerAlias MYSITE1.com
>#    ErrorLog /private/var/log/apache2/www.MYSITE1.com_error_log
>#    CustomLog /private/var/log/apache2/www.MYSITE1.com_access_log common
>#
>#    RewriteEngine On
>#    RewriteOptions inherit
>#
>#    RewriteCond %{HTTP_HOST} !^www\.MYSITE1\.com$
>#    RewriteRule (.*) <a href="http://www.MYSITE1.com%">http://www.MYSITE1.com%{REQUEST_URI} [L,NS,R=301]
>#</VirtualHost>
>
><VirtualHost *:80>
>    ServerName MYSITE1.com
>    ServerAlias www.MYSITE1.com
>    Redirect permanent / https://www.MYSITE1.com/
></VirtualHost>
>
>
>What changes need to be made to assure all requests are served securely
>while maintaining any parameters or attached query strings?
>
>I would really appreciate any help you guys could provide.
>
>Thanks,
>Mike Ealy
>
>
>
>#############################################################
>
>This message is sent to you because you are subscribed to
>  the mailing list Lasso [hidden email]
>Official list archives available at http://www.lassotalk.com
>To unsubscribe, E-mail to: <[hidden email]>
>Send administrative queries to  <[hidden email]>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Using mod_rewrite to redirect HTTP to HTTPS

Jolle Carlestam-2
In reply to this post by Mike Ealy-2
I have honestly not thought about if our sites honour params in their redirect. But this is the rule we have setup:

        RedirectMatch permanent ^(?!/\.well-known).* https://mysite.tld/

A quick test indicates that they do indeed bring the params with the redirect.

HDB
Jolle

> 23 sep. 2018 kl. 15:53 skrev Mike Ealy <[hidden email]>:
>
> I realize this may not be the place to ask this question, but I'm not having
> any luck elsewhere and I know there are some regular expression masters on
> this list. I need some help configuring mod_rewrite in Apache. Specifically,
> I need help working with RewriteCond, RewriteRule, and regular expressions.
> I recently set up an SSL certificate and made changes to the .conf files to
> redirect users from HTTP to HTTPS.
>
> This bit of code in myvhosts.conf handles the redirect. All pages are now
> served securely regardless of the URL.
>
> <VirtualHost *:80>
>    ServerName MYSITE1.com
>    ServerAlias www.MYSITE1.com
>    Redirect permanent / https://www.MYSITE1.com/
> </VirtualHost>
>
> The problem is if the URL includes parameters or an attached query string,
> they don't get attached to the redirect. I'm thinking a properly written
> RewriteCond/RewriteRule can handle this better than using Redirect
> permanent.
>
> This bit of code was added to httpd-ssl.conf when I configured the SSL
> certificate.
>
> ##
> ## SSL Virtual Host Context
> ##
> <VirtualHost _default_:443>
>
> #  General setup for the virtual host
> DocumentRoot /Library/WebServer/Documents/www.MYSITE1.com
> ServerName www.MYSITE1.com:443
> ServerAdmin [hidden email]
> ErrorLog "/private/var/log/apache2/www.MYSITE1.com_error_log"
> TransferLog "/private/var/log/apache2/www.MYSITE1.com_access_log"
>
>
> Here's the setup in myvhosts.conf after I installed the SSL certificate.
> (The commented portion was uncommented before I installed the certificate.)
>
> #<VirtualHost *:80>
> #    DocumentRoot /Library/WebServer/Documents/www.MYSITE1.com
> #    ServerName www.MYSITE1.com
> #    ServerAlias MYSITE1.com
> #    ErrorLog /private/var/log/apache2/www.MYSITE1.com_error_log
> #    CustomLog /private/var/log/apache2/www.MYSITE1.com_access_log common
> #
> #    RewriteEngine On
> #    RewriteOptions inherit
> #
> #    RewriteCond %{HTTP_HOST} !^www\.MYSITE1\.com$
> #    RewriteRule (.*) <a href="http://www.MYSITE1.com%">http://www.MYSITE1.com%{REQUEST_URI} [L,NS,R=301]
> #</VirtualHost>
>
> <VirtualHost *:80>
>    ServerName MYSITE1.com
>    ServerAlias www.MYSITE1.com
>    Redirect permanent / https://www.MYSITE1.com/
> </VirtualHost>
>
>
> What changes need to be made to assure all requests are served securely
> while maintaining any parameters or attached query strings?
>
> I would really appreciate any help you guys could provide.
>
> Thanks,
> Mike Ealy
>
>
>
> #############################################################
>
> This message is sent to you because you are subscribed to
>  the mailing list Lasso [hidden email]
> Official list archives available at http://www.lassotalk.com
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: Using mod_rewrite to redirect HTTP to HTTPS

Mike Ealy-2
In reply to this post by French, Shelane
Thanks so much. This is helpful.


> This is what we have on our server:
>
>  <IfModule mod_rewrite.c>
>        RewriteEngine On
>        RewriteCond %{HTTP:HTTPS} !^on$
>        RewriteRule ^.*$ <a href="https://www.mysite.com%">https://www.mysite.com%{REQUEST_URI} [L,R]
>
>
>
> On 9/23/18, 6:53 AM, "[hidden email] on behalf of Mike
> Ealy" <[hidden email] on behalf of
> [hidden email]> wrote:
>
>> I realize this may not be the place to ask this question, but I'm not
>> having
>> any luck elsewhere and I know there are some regular expression masters on
>> this list. I need some help configuring mod_rewrite in Apache.
>> Specifically,
>> I need help working with RewriteCond, RewriteRule, and regular
>> expressions.
>> I recently set up an SSL certificate and made changes to the .conf files
>> to
>> redirect users from HTTP to HTTPS.
>>
>> This bit of code in myvhosts.conf handles the redirect. All pages are now
>> served securely regardless of the URL.
>>
>> <VirtualHost *:80>
>>    ServerName MYSITE1.com
>>    ServerAlias www.MYSITE1.com
>>    Redirect permanent / https://www.MYSITE1.com/
>> </VirtualHost>
>>
>> The problem is if the URL includes parameters or an attached query string,
>> they don't get attached to the redirect. I'm thinking a properly written
>> RewriteCond/RewriteRule can handle this better than using Redirect
>> permanent.
>>
>> This bit of code was added to httpd-ssl.conf when I configured the SSL
>> certificate.
>>
>> ##
>> ## SSL Virtual Host Context
>> ##
>> <VirtualHost _default_:443>
>>
>> #  General setup for the virtual host
>> DocumentRoot /Library/WebServer/Documents/www.MYSITE1.com
>> ServerName www.MYSITE1.com:443
>> ServerAdmin [hidden email]
>> ErrorLog "/private/var/log/apache2/www.MYSITE1.com_error_log"
>> TransferLog "/private/var/log/apache2/www.MYSITE1.com_access_log"
>>
>>
>> Here's the setup in myvhosts.conf after I installed the SSL certificate.
>> (The commented portion was uncommented before I installed the
>> certificate.)
>>
>> #<VirtualHost *:80>
>> #    DocumentRoot /Library/WebServer/Documents/www.MYSITE1.com
>> #    ServerName www.MYSITE1.com
>> #    ServerAlias MYSITE1.com
>> #    ErrorLog /private/var/log/apache2/www.MYSITE1.com_error_log
>> #    CustomLog /private/var/log/apache2/www.MYSITE1.com_access_log common
>> #
>> #    RewriteEngine On
>> #    RewriteOptions inherit
>> #
>> #    RewriteCond %{HTTP_HOST} !^www\.MYSITE1\.com$
>> #    RewriteRule (.*) <a href="http://www.MYSITE1.com%">http://www.MYSITE1.com%{REQUEST_URI} [L,NS,R=301]
>> #</VirtualHost>
>>
>> <VirtualHost *:80>
>>    ServerName MYSITE1.com
>>    ServerAlias www.MYSITE1.com
>>    Redirect permanent / https://www.MYSITE1.com/
>> </VirtualHost>
>>
>>
>> What changes need to be made to assure all requests are served securely
>> while maintaining any parameters or attached query strings?
>>
>> I would really appreciate any help you guys could provide.
>>
>> Thanks,
>> Mike Ealy
>>
>>
>>
>> #############################################################
>>
>> This message is sent to you because you are subscribed to
>>  the mailing list Lasso [hidden email]
>> Official list archives available at http://www.lassotalk.com
>> To unsubscribe, E-mail to: <[hidden email]>
>> Send administrative queries to  <[hidden email]>
>
>
> #############################################################
>
> This message is sent to you because you are subscribed to
>   the mailing list Lasso [hidden email]
> Official list archives available at http://www.lassotalk.com
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>



#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>