0

I have a wildcard SSL for my domain. I have many subdomains, each with its own default page.

www.domain.com/main.html     [/home/domain/main.html]
try.domain.com/free.php          [/home/domain/try/free.php]
new.domain.com/signup.php     [/home/domain/new/signup.php]
etc

I want to write .htaccess such that:

  1. All traffic is directed to https
  2. The subdomains resolve to respective default pages
  3. All non-www is directed to www except for the subdomains which remain subdomain.domain.com

I want to do all this in a single .htaccess, /home/domain/.htaccess, and not have .htaccess files in each folder.

eshwar

1 Answer

2

IMHO you're already heading in the wrong direction with your intention to create a .htaccess file, which is my pet peeve, quoted from the manual on .htaccess files:

You should avoid using .htaccess files completely if you have access to httpd main server config file. Using .htaccess files slows down your Apache http server. Any directive that you can include in a .htaccess file is better set in a Directory block in the main Apache configuration file(s), as it will have the same effect with better performance.

Set up a default/catch-all VirtualHost on port 80 for plain HTTP to redirect everything to your secure hosts:

<VirtualHost *:80>
  ServerName www.example.com
  ServerAlias *.example.com
  # https://wiki.apache.org/httpd/RewriteHTTPToHTTPS
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  RewriteRule ^/?(.*) https://%{HTTP_HOST}/$1 [R,L]

  # other optional directives
</VirtualHost>

The above will preserve the hostname when redirecting to SSL.

Then a much more effective configuration is to use the fact that you have a wildcard SSL certificate (and you don't even need to depend on SNI) and create a Name Virtual Host for each of your subdomains, with a last catch-all that redirects any subdomain not explicitly defined to www:

<VirtualHost *:443>
        SSLEngine on
        # other optional and required (SSL) directives
        SSLCertificateFile      /etc/ssl/star.example.com.crt
        SSLCertificateKeyFile   /etc/ssl/star.example.com.key
        ServerName      "one.example.com"
        DocumentRoot    "/var/www/html/one"
</VirtualHost>
<VirtualHost *:443>
        SSLEngine on
        # other optional and required (SSL) directives
        SSLCertificateFile      /etc/ssl/star.example.com.crt
        SSLCertificateKeyFile   /etc/ssl/star.example.com.key
        ServerName      "two.example.com"
        DocumentRoot    "/var/www/html/two"
</VirtualHost>
<VirtualHost *:443>
        SSLEngine on
        # other optional and required (SSL) directives
        SSLCertificateFile      /etc/ssl/star.example.com.crt
        SSLCertificateKeyFile   /etc/ssl/star.example.com.key
        ServerName      "www.example.com"
        DocumentRoot    "/var/www/html/www"
</VirtualHost>

# Use the fact that the configuration file is parsed in order
# and make this catch-all entry only catch what isn't defined above:
<VirtualHost *:443>
        SSLEngine on
        # other optional and required (SSL) directives
        SSLCertificateFile      /etc/ssl/star.example.com.crt
        SSLCertificateKeyFile   /etc/ssl/star.example.com.key
        ServerName      "star.example.com"
        ServerAlias      *.example.com
        # Trailing slash on the target is required: mod_alias appends the
        # rest of the request path directly to this URL
        Redirect / https://www.example.com/
</VirtualHost>

Or if you're into minimal configurations: mod_vhost_alias may be of interest.

HBruijn
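The following is an added example, not part of the answer above: a simplified Python model of how Apache picks a name-based virtual host (first ServerName/ServerAlias match in file order, first listed vhost as the default) and how mod_alias builds a `Redirect` target, applied to the answer's `*:443` blocks. The function names `select_vhost` and `redirect_target` are hypothetical, and the model assumes a single address:port set and `hostname[:port]` Host headers.

```python
"""Simplified model of Apache name-based vhost selection and mod_alias Redirect."""
from fnmatch import fnmatchcase

# (ServerName, [ServerAlias, ...]) in config-file order, copied from the *:443 blocks.
VHOSTS_443 = [
    ("one.example.com", []),
    ("two.example.com", []),
    ("www.example.com", []),
    ("star.example.com", ["*.example.com"]),  # catch-all, listed last
]


def select_vhost(host_header, vhosts=VHOSTS_443):
    """Return the ServerName of the vhost that would serve this Host header."""
    # Assumption: hostname[:port] form only (no IPv6 literals).
    host = host_header.split(":")[0].lower().rstrip(".")
    for server_name, aliases in vhosts:
        if host == server_name or any(fnmatchcase(host, a) for a in aliases):
            return server_name  # first match in file order wins
    return vhosts[0][0]  # nothing matched: the first listed vhost is the default


def redirect_target(target, path, prefix="/"):
    """mod_alias Redirect: the path after the matched prefix is appended to target."""
    if not path.startswith(prefix):
        return None
    return target + path[len(prefix):]


if __name__ == "__main__":
    for h in ("one.example.com", "shop.example.com", "a.b.example.com", "example.com"):
        print(f"{h:20} -> {select_vhost(h)}")
    for t in ("https://www.example.com", "https://www.example.com/"):
        print(f"Redirect / {t:25} /login -> {redirect_target(t, '/login')}")
```

The bare `example.com` does not match `*.example.com`, so in this model it is served by the first listed vhost rather than the catch-all. A `Redirect` target without a trailing slash turns `/login` into `https://www.example.comlogin`.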