1

(I consider this question a duplicate of Lighttpd redirect from www.domain.com to domain.com, but that one didn't get enough attention and it's too old).

I'm trying to deploy an app over lighttpd+FastCGI and encrypt all the traffic. It works well if I explicitly use HTTPS in the URL, but as soon I try the redirect from HTTP to HTTPS the URLs the app script name (in this case, index.py) is included in the URL, so instead of https://somedomain.com/bleh I get https://somedomain.com/index.py/bleh, which triggers a Not Found error.

I tried moving some stuff around, but I can't get how to do the redirect well. Here's the relevant stuff of my lighttpd.conf

$SERVER["socket"] == ":80" {
    $HTTP["host"] =~ "(.*)" {
        url.redirect = (
            "^/(.*)" => "https://%1/$1"
        )
    }
}

$SERVER["socket"] == ":443" {
    ssl.engine = "enable"
    ssl.pemfile = "certificate.pem"
    ssl.use-sslv2 = "disable"
    ssl.use-sslv3 = "disable"
}

fastcgi.server = (
    "index.py" => ((
        "socket" => "/tmp/app.socket",
        "bin-path" => "index.py",
        "max-procs" => 1,
        "bin-environment" => (
            "REAL_SCRIPT_NAME" => ""
        ),
        "check-local" => "disable"
    ))
)

url.rewrite-once = (
    "^/favicon.ico$" => "/static/assets/favicon.ico",
    "^/static/(.*)$" => "/static/$1",
    "^/(.*)$" => "/index.py/$1"
)
Community
  • 1
Tae
  • 113
  • 7

1 Answers1

0

rewrite happens before redirect. in your case the solution is to put fastcgi and rewrite in the ssl socket, as you only want it for ssl anyway.

Please don't spawn sockets in /tmp, use a directory dedicated to this where only lighttpd can create files.

Stefan
  • 819
  • 1
  • 7
  • 18
  • Thanks for the answer, and for your suggestion. I'm thinking on mount lighttpd over a chroot, but first I need to get the redirection right. I tried your solution, but I got the same behavior :( – Tae Dec 03 '13 at 23:22