3

I'm trying to get a simple www. to non www. redirect set up. Here's the .htaccess

DirectoryIndex index.php
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.domain.org [NC]
RewriteRule ^(.*)$ http://domain.org/$1 [L,R=301]

RewriteBase /

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below

## This attempts to block the most common type of exploit `attempts` to Joomla!
#

## Deny access to extension xml files (uncomment out to activate)
#<Files ~ "\.xml$">
#Order allow,deny
#Deny from all
#Satisfy all
#</Files>


## End of deny access to extension xml files
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]

#
########## End - Rewrite rules to block out some common exploits


RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$  [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

Accessing the www.domain.org page results in page not found. If I modify the top lines like this:

RewriteCond %{HTTP_HOST} ^domain.org [NC]
RewriteRule ^(.*)$ http://domain123.org/$1 [L,R=301]

The redirect works great (it goes to http://domain123.org)

There are no RewriteCond's for domain.org in the apache httpd.conf file (where the virtualhosts are configured, specifically domain.org).

apachectl -S: 

VirtualHost configuration:
xxx.xxx.xxx.xxx:443    domain.org (/etc/httpd/conf.d/ssl.conf:173)
xxx.xxx.xxx.xxx:80     domain.org (/etc/httpd/conf/httpd.conf:1011)
Syntax OK

Relevant sections of each config: ssl.conf:

<VirtualHost xxx.xxx.xxx.xxx:443>

DocumentRoot /blah/blah/
ServerName domain.org

ErrorLog /blah/blah/
CustomLog /blah/blah/
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /blah/blah/
SSLCertificateKeyFile /blah/blah/
SSLCACertificateFile /blah/blah/

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

http.conf:

<VirtualHost xxx.xxx.xxx.xxx:80>

    ServerName domain.org
    ServerAdmin me@domain.org
    DocumentRoot /blah/blah/
    ErrorLog /blah/blah/
    CustomLog /blah/blah/

</VirtualHost>

Help greatly appreciated!

a coder
  • 719
  • 4
  • 20
  • 37
  • 1
    That config looks good. Could that domain be getting handled by a different ``, which isn't pointing to this `.htaccess` file's location? Check `apachectl -S` (and ensure that there's a `ServerAlias www.domain.com` in the relevant vhost). Also, just to confirm - the DNS for the `www` name is pointing to this server correctly, right? – Shane Madden Aug 10 '12 at 23:49
  • Just added output from apachectl -S, along with the relevant sections of each config. I did not find ServerAlias for www.domain.com – a coder Aug 11 '12 at 11:55
  • I added ServerAlias www.domain.org to both httpd.conf and ssl.conf. The domain appeared to redirect in Firefox 14.0.1, but checking in Chrome, the www.domain.org is not redirecting (same page not found as before). – a coder Aug 11 '12 at 12:11
  • Issued curl --verbose --head --location domain.org and got some results. curl --verbose --head --location www.domain.org results in 'couldn't resolve host' – a coder Aug 11 '12 at 12:14
  • Have you cleared your browser cache? – Michael Hampton Aug 11 '12 at 17:52
  • @acoder Where is your DNS served from? Seems like the `www` name might not be configured. – Shane Madden Aug 11 '12 at 19:23
  • @MichaelHampton - of course. I've accessed the site from different machines to confirm the issue. – a coder Aug 11 '12 at 21:28
  • I've discovered that DNS is handled locally for this site - I've sent a message to the administrator to inquire. – a coder Aug 11 '12 at 21:28
  • Updated original article with resolution. There was not an entry in our DNS for www.domain.com. Adding that solved the problem (or at least routed that traffic to my server, where I implemented the redirect above) – a coder Aug 14 '12 at 14:33

1 Answers1

0

There was not an entry in our DNS for www.domain.com. Adding that solved the problem (or at least routed that traffic to my server, where I implemented the redirect above).

Thanks for the commentary.

a coder
  • 719
  • 4
  • 20
  • 37