After enabling HTTPS on my Apache2 server - I get 404 errors on every request

Question

Okay, so I've had no experience with SSL/HTTPS ever before, I've only ever dealt with standard HTTP. Recently I've started work on a site which will need SSL. So of course, I've gone out and researched how to and got started. I've got to the stage of installing the SSL certificate successfully - the green padlock appears and the server responds to HTTPS requests on port 443. The issue I have is that no matter what I do I cant get any pages to appear using HTTPS/SSL, however they appeared fine on port 80/HTTP (until I redirect HTTP to HTTPS that is).

Put simply I can access the HTTPS site absolutely fine, however my pages are not being sent, rather a 404 is sent for every request.

/etc/apache2/sites-available/[name].conf

<VirtualHost *:80>
    ServerName [serverName]

    RewriteEngine On

    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=302]
</VirtualHost>

<VirtualHost *:443>
    ServerName [serverName]
    ServerAdmin [email]
    DocumentRoot [docRoot]

    # I know the following SSL cert stuff is correct

    SSLEngine On
    SSLCertificateFile [...]/[domain].crt
    SSLCertificateKeyFile [...]/[certificate].key
    SSLCertificateChainFile [...]/[theotherone].crt

    ErrorLog ${APACHE_LOG_DIR}/[custom]_error.log
        CustomLog ${APACHE_LOG_DIR}/[custom]_access.log combined

        <Directory "[docRoot]">

                Options Indexes FollowSymLinks MultiViews

        AllowOverride All
        Order allow,deny
        allow from all

        </Directory>

</VirtualHost>

I'm not sure if there is anything else you might want to look at, or any other details, but if there is let me know.

EDIT:

After some searching around in the config files I have established that for whatever reason, when connecting to HTTPS, the server is using the document root in the default configuration (/var/www/) however this default configuration is not enabled with a2ensite. I can't seem to figure where the configuration that is causing this is located

Your `Rewrite` directives look like you are trying to run Apache behind a badly configured reverse proxy. If your Apache is serving the domain directly without any proxying, you should just drop all of the `Rewrite` directives and replace them with a single `Redirect`. And configure separate logfiles for each `VirtualHost` such that you can see exactly which `VirtualHost` process each request. — kasperd, Dec 11 '16 at 22:45
As for the Rewrites, I was only using them to get a temporary refirect (I wasn't 100% sure at that stage), I have now learned that Redirect is perfectly capable of that (yeah, bad that I didn't know that). Regarding the separate log files, I have since done that. I also have figured out what the issue was and will update to reflect that. — Michael Longhurst, Dec 12 '16 at 01:13

score 11 · Answer 1 · answered Dec 01 '16 at 18:18

11

Is it absolutely necessary to redirect all http requests to https? Cause it seems that's what you're trying to do here.

I suggest you start by removing the following lines from your conf:

RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=302]

I suspect the syntax may be wrong there. Then try connecting again on each http:// and https:// protocols.

answered Dec 01 '16 at 18:18

Ivan

893
2
9
23

I am sure that I want all HTTP to redirect to HTTPS, since I am making an admin panel on this domain, almost all requests contain sensitive information. I know that that syntax is correct since the redirect works perfectly. I have figured that the issue is that the server is looking for files in /var/www/html instead of the documentroot I have specified – Michael Longhurst Dec 01 '16 at 18:20
Does the document path work without the redirect? Worth a try imo... – Ivan Dec 01 '16 at 18:23
I'm giving the other answer a try first, will give it ago if that fails – Michael Longhurst Dec 01 '16 at 18:24
Gave that a try too, but to no avail – Michael Longhurst Dec 01 '16 at 18:32
Alright, try replacing the asterisk from *:443 with the actual IP of the server same goes for port 80 as well. Also check the syntax of document root path should start with / – Ivan Dec 01 '16 at 18:45
Is that the internal or external IP? – Michael Longhurst Dec 01 '16 at 18:48
It's the external IP of course – Ivan Dec 01 '16 at 18:48
My external IP is dynamic, it's hosted at home – Michael Longhurst Dec 01 '16 at 18:49
Okay I just put my current IP in there and its made a difference. It is now showing me the example.com instead of subdomain.example.com – Michael Longhurst Dec 01 '16 at 18:56

score 11 · Accepted Answer · answered Dec 12 '16 at 01:15

11

I can't exactly remember how I figured it out, but I stumbled across something somewhere that suggested to put:

<VirtualHost _default_:443>

Instead of:

<VirtualHost *:443>

Since replacing that, my SSL has been working perfectly.

answered Dec 12 '16 at 01:15

Michael Longhurst

301
2
10

score 10 · Answer 3 · answered Dec 01 '16 at 18:12

10

Try editing your file to look something like this:

This is a very basic conf, if this works add your redirects if still needed.

If this does not work please show your ssl.conf

NameVirtualHost *:80
NameVirtualHost *:443

<VirtualHost *:80>
         <Directory "[docRoot]">
        AllowOverride All
        </Directory>
        DocumentRoot [docRoot]
        ServerName [serverName]
</VirtualHost>

<VirtualHost *:443>
        SSLEngine on
       SSLCertificateFile [...]/[domain].crt
       SSLCertificateKeyFile [...]/[certificate].key
       SSLCertificateChainFile [...]/[theotherone].crt
         <Directory "[docRoot]">
        AllowOverride All
        </Directory>
        DocumentRoot [docRoot]
        ServerName [serverName]
</VirtualHost>

answered Dec 01 '16 at 18:12

Anthony Fornito

9,526
1
33
122

Nope, still doesn't work, it is still showing the temporary index.html that I placed in /var/www/html. I shall link a pastebin with the conf – Michael Longhurst Dec 01 '16 at 18:26
This is the pastebin: http://pastebin.com/iwubgFye – Michael Longhurst Dec 01 '16 at 18:29
Just to confirm you are restarting apache after making changes? – Anthony Fornito Dec 01 '16 at 18:35
Yes, anything and everything I change I am restarting – Michael Longhurst Dec 01 '16 at 18:39
I have opened every config file I can imagine and run a CTRL+F to find anywhere that the DocumentRoot is set to "/var/www/html" and It has come up with nothing. So I cannot for the life of me figure why apache is reading from /var/www/html if it isn't being told to – Michael Longhurst Dec 01 '16 at 18:41
Im thinking there might be something else going on can you paste the output for your httpd.conf: cat /etc/httpd/conf/httpd.conf | grep -v "#" – Anthony Fornito Dec 01 '16 at 18:42
Apparently there is no such file or directory :/ – Michael Longhurst Dec 01 '16 at 18:45
If I was to make an educated guess, for some reason, the server is ignoring the vhosts that I have setup and is using the default-ssl.conf file no matter – Michael Longhurst Dec 01 '16 at 18:46

After enabling HTTPS on my Apache2 server - I get 404 errors on every request

/etc/apache2/sites-available/[name].conf

EDIT:

3 Answers3