1

I'm looking for the proper way to handle redirecting of insecure (via port 80) requests to secure (port 443) with Apache server config. I do not want to put this in my .htaccess file either.

Currently I have this in my httpd.conf file:

ServerName example.com
ServerAlias *.example.com

RewriteEngine On
RewriteCond %{HTTP_HOST} ^(.+)\.example\.com$
RewriteRule ^(.*)$ https://%1.example.com/$1 [R=302,L]

The goal is to do a wildcard (in subdomain and subfolder) redirect. To be specific, here are some major use cases:

 - http://subdomain.example.com to https://subdomain.example.com
 - http://example.com to https://www.example.com
 - http://www.example.com/contact/ to https://www.example.com/contact
 - http://subdomain.example.com/contact/ to https://subdomain.example.com/contact

In short, simply replacing http with https as long as two conditions meet:

  • The requested URI contains mydomain.com

  • The requested URI is not already secure (http traffic only)

I've tried numerous different methods but nothing seems to capture all variations of subdomains and subfolders, much to my surprise.

Any ideas? Thanks!

Community
  • 1
Tony D
  • 13
  • 3
  • 1
    Possible duplicate of [Redirect, Change URLs or Redirect HTTP to HTTPS in Apache - Everything You Ever Wanted to Know About Mod\_Rewrite Rules but Were Afraid to Ask](http://serverfault.com/questions/214512/redirect-change-urls-or-redirect-http-to-https-in-apache-everything-you-ever) – MadHatter Oct 18 '16 at 05:53

2 Answers2

0

A simple virtual host is the best way to catch all the HTTP requests. Then you cannot accidentally redirect HTTPS requests. Something like.

<VirtualHost *:80>
   ServerName example.com
   ServerAlias *.example.com

   # Redirect subdomains.
   RewriteEngine on
   RewriteCond %{HTTP_HOST} (\w+.example.com)
   RewriteRule ^ https://%1%{REQUEST_URI} [L,R=301]

   # Everything else to www.example.com preserving URI path
   Redirect 301 / https://www.example.com/
</VirtualHost
Unbeliever
  • 2,286
  • 1
  • 9
  • 17
  • Thank you! Should the RewriteRule go to http or https? Also, what part captures just the subdomain to inject it as $1? Looks like the RewriteCond captures the entire domain. – Tony D Oct 18 '16 at 02:26
  • You are correct about the https, I mistyped and have corrected it in my answer. The `RewriteCond` captures the whole domain used and then it is used as `%1` in the `RewriteRule`. Rather than matching the request URI in the `RewriteRule` I just use the variable that already has it, `%{REQUEST_URI}`. – Unbeliever Oct 18 '16 at 05:53
  • Thank you very much! This works well. One additional followup question - when I type in test.example.com or dev.example.com, it routes to my domain fine. However, if I type in "stage.example.com" for some reason I'm routed to "http://go.na.sage.com/" ? Any idea why/how to fix? – Tony D Oct 19 '16 at 12:13
  • You must have some other configuration that does that somewhere. I'm sure you can see that what I posted is not going to do that. Start by checking what stage.example.com resolves to and then search the configuration files. – Unbeliever Oct 19 '16 at 21:46
0

To redirect to HTTPS:

RewriteEngine On

RewriteCond %{HTTPS} off

RewriteRule ^ https:/ /%{HTTP_HOST}%{REQUEST_URI}

But you need to have a virtual host for ssl:

NameVirtualHost *:443

< VirtualHost *:443>

ServerName example.com

ServerAlias www.example.com

SSLEngine on

SSLCertificateFile    /etc/apache2/ssl/apache.crt

SSLCertificateKeyFile /etc/apache2/ssl/apache.key

< /VirtualHost>

Explaination of mod rewrite directives used

RewriteEngine On --- It will turn on mod_rewrite engine of apache server on

RewriteCond %{HTTPS} off ------

Will contain the text "on" if the connection is using SSL/TLS, or "off" otherwise. (This variable can be safely used regardless of whether or not mod_ssl is loaded). will evaluate to a true conditon if connection is not ssl/tls

RewriteRule ^ https:/ /%{HTTP_HOST}%{REQUEST_URI}

this is to form the url originally requested by client but in https

Arjun sharma
  • 605
  • 4
  • 9
  • If you insist on using 'mod_rewrite in htaccess files' then in your `RewriteRule` there is no need to match the entire URI path and put it in a back reference using `(.*)` when in your target you are using `%{REQUEST_URI}`, simply use: `RewriteRule ^ https:/ /%{HTTP_HOST}%{REQUEST_URI}` – Unbeliever Oct 18 '16 at 10:31
  • yes , i agree , back referencing is not needed here – Arjun sharma Oct 18 '16 at 10:49
  • Spurious space in my previous comment. Sorry, no idea where that came from. – Unbeliever Oct 18 '16 at 10:53