apache2.4 mod_rewrite exclude specific alias directroy/uri

Question

I have the following setup on one of my vhosts:

...<VirtualHost *:80>
    ServerName cloud.domain.de
    ServerAdmin webmaster@domain.de
    ServerSignature Off

    Alias "/.well-known/acme-challenge" "/var/www/domain.de/vh-www/htdocs/public/.well-known/acme-challenge"

    <Directory "/var/www/domain.de/vh-www/htdocs/public/.well-known/acme-challenge">
      Require all granted
      ForceType 'text/plain'
    </Directory>

    <ifmodule mod_rewrite.c>
      RewriteEngine On
      RewriteCond %(REQUEST_URI) !/\.well\-known/acme\-challenge/?.*
      RewriteCond %{HTTPS} off
      # RewriteRule ^\.well-known/acme-challenge/([A-Za-z0-9-]+)/?$ - [L]
      RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    </ifmodule>...

What I want to achieve is, that mod_rewrite does not rewrite the URL when the url http://cloud.domain.de/.well-known/acme-challenge/ is accessed.

I already tried different approaches, one of them being the commented-out RewriteRule above, but nothing seems to work: the server rewrites it to https everytime.

When I disable the rewriting for testing purposes, I can access the alias URL just fine...

How do I achieve the specific URL not being rewritten?

Froggiz · Accepted Answer · 2015-11-26T11:56:41.830

18

Like that :

<ifmodule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</ifmodule>

If the URI match start with /.well-known/acme-challenge/ the request will not be redirected

edited Nov 26 '15 at 11:56

answered Nov 26 '15 at 11:22

Froggiz

3,013
1
18
30

First, thanks for you advice! Unfortunately, it didn't work. When you visit: `http://www.server-plant.de/.well-known/acme-challenge/`it is still being rewritten. (I applied the same Rewrrite Rules and Conditions for my www-Subdomain, so it's excatly the same as the cloud-Subdomain) – FleBeling Nov 26 '15 at 11:39
1

Edited : there was () instead of {} and `RewriteCond %{HTTPS} off` is not requiered – Froggiz Nov 26 '15 at 11:58
Yeah, I just blindly copied yours without checking for the right brackets, but well, sh.. happens :) Now it works like charm and you're also right regarding the other condition. Just one question left: How to change the condition to also match everything behind the trailing `/`? So it wouldn't catch index.html and so on? – FleBeling Nov 26 '15 at 13:28
it already match all `start with /.well-known/acme-challenge/`that mean `/.well-known/acme-challenge/anything` will not be redirect too – Froggiz Nov 26 '15 at 13:32
Okay, it seems there was something in my browser's cache or so. Now at home it works out of the box. And again, thanks alot! – FleBeling Nov 26 '15 at 19:13
"Note that rewrite configurations are not inherited by virtual hosts. This means that you need to have a RewriteEngine on directive for each virtual host in which you wish to use rewrite rules." https://httpd.apache.org/docs/2.4/mod/mod_rewrite.html – Frederick Nord Feb 02 '17 at 21:25
1

Rewrite configurations can be inherited to all virtual hosts with `RewriteOptions InheritDown` since Apache 2.4.8. `RewriteEngine On` has still to be present in each virtual host configuration. – tobltobs May 10 '17 at 15:32

score 6 · Answer 2 · answered Mar 03 '17 at 15:02

6

@mark Correct version of the "shorter and more robust" variant:

RewriteCond %{REQUEST_URI} ^/\.well\-known
RewriteRule . - [L]

answered Mar 03 '17 at 15:02

remote mind

361
2
5

adding this to stop the ssl redirect rules below it is awesome – James Tan Apr 17 '19 at 03:42
The single dot in line 2 did not work for me. Is it because it only matches one char and the url consists of several chars? I am using ^(.*)$ instead. – Jette Jun 07 '19 at 04:33

score 1 · Answer 3 · answered Jan 31 '17 at 09:56

1

IMHO shorter and more robust:

RewriteCond %{REQUEST_URI} ^\.well\-known
RewriteRule - [L]

you may want to add /acme-challenge/ eventually but if you would like to debug it with an arbitrary file, like ./well-known/test this solution works better

what does it actually do: looks whether the request starts with .well-known, in that case does nothing (the meaning of -) and make it the last rule [L]

answered Jan 31 '17 at 09:56

Mark Hofstetter

11
1

nope. The virtualhosts still seem to have precedence. "Sections inside sections are applied after the corresponding sections outside the virtual host definition. This allows virtual hosts to override the main server configuration." from https://httpd.apache.org/docs/current/sections.html – Frederick Nord Feb 02 '17 at 15:30

apache2.4 mod_rewrite exclude specific alias directroy/uri

3 Answers3