You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by "Foster, Stephen (ASPIRE)" <st...@hmrcaspire.com> on 2006/08/14 17:54:50 UTC

[users@httpd] Help with re-write rules

hi all,

quick newbie question if i may. I have been playing about with re-write
rules today in order to acheive the behaviour i want, the situation i
currently have is that i need to match and effect the following:

1: All requests to something other than the the FQDN should be written to
the FQDN. e.g customer access site using http://www.domain.com , i rewrite
customer to http://online.domain.com
2: All requests that are non-secure are written to secure. e.g URL becomes
https://online.domain.com
3: i must be able to support non-secure requests to certain URL's e.g
http://online.domain.com/heartbeat/heartbeat.htm and
http://online.domain.com/server-status

The current ruleset i am using is as follows:

# =================================================
# Rewrite to HTTPS Settings
# =================================================
RewriteCond %{HTTP_HOST}   !^online\.domain\.com [NC]
RewriteCond %{HTTP_HOST}   !^$
RewriteRule ^/(.*)         http://online.domain.com:%{SERVER_PORT}/$1 [R]
RewriteCond %{REQUEST_URI}  !^/heartbeat/heartbeat.htm
RewriteCond %{REQUEST_URI}  !^/server-status
RewriteCond %{SERVER_PORT}  !^443$
RewriteRule ^/(.*)$ https://%{SERVER_NAME}/home [R,L]

This works mostly right and will serve the non-secure URL's properly,
however they are then continuing on to process the rule for 80->443 , but
not actually re-directing the browser, but does appear in the access logs.
Any help on the right way forward for this would be great.

many thanks in advance

Steve

Steve Foster | Capgemini | Telford
Shared Technology Services
T. +44 (0) 1952 296664 | www.capgemini.com
Internal: 46664

Join the Collaborative Business Experience 


===========================================================
Our e-mail domain has now changed from iraspire.com to hmrcaspire.com. Please update your address books.
===========================================================


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Help with re-write rules

Posted by Joshua Slive <jo...@slive.ca>.

On 8/14/06, Foster, Stephen (ASPIRE) <st...@hmrcaspire.com> wrote:

> RewriteCond %{HTTP_HOST}   !^online\.domain\.com [NC]
> RewriteCond %{HTTP_HOST}   !^$
> RewriteRule ^/(.*)         http://online.domain.com:%{SERVER_PORT}/$1 [R]
> RewriteCond %{REQUEST_URI}  !^/heartbeat/heartbeat.htm
> RewriteCond %{REQUEST_URI}  !^/server-status
> RewriteCond %{SERVER_PORT}  !^443$
> RewriteRule ^/(.*)$ https://%{SERVER_NAME}/home [R,L]
>
> This works mostly right and will serve the non-secure URL's properly,
> however they are then continuing on to process the rule for 80->443 , but
> not actually re-directing the browser, but does appear in the access logs.
> Any help on the right way forward for this would be great.

Hmmm... Can you reread that last paragraph again.  It doesn't make any
sense to me and is grammatically very ambiguous.  Exactly what problem
are you having?  Exactly what do the requests look like, and exactly
what do you see in the access log and rewrite log?

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Help with re-write rules

Posted by Robert Ionescu <ro...@googlemail.com>.

Foster, Stephen (ASPIRE) wrote:
> # =================================================
> # Rewrite to HTTPS Settings
> # =================================================
> RewriteCond %{HTTP_HOST}   !^online\.domain\.com [NC]
> RewriteCond %{HTTP_HOST}   !^$

Use lexicographically equal (!="") here instead of a regular expression
> RewriteRule ^/(.*)         http://online.domain.com:%{SERVER_PORT}/$1 [R]
> RewriteCond %{REQUEST_URI}  !^/heartbeat/heartbeat.htm
> RewriteCond %{REQUEST_URI}  !^/server-status
> RewriteCond %{SERVER_PORT}  !^443$
> RewriteRule ^/(.*)$ https://%{SERVER_NAME}/home [R,L]

Why are you using Server_Name, if you force this to be 
online.domain.com or online.domain.com:%{SERVER_PORT}. Should every 
request really go to /home?

I think you're looking for something like

# =================================================
# Rewrite to HTTPS Settings
# =================================================
RewriteCond %{REQUEST_URI}  !=/heartbeat/heartbeat.htm
RewriteCond %{REQUEST_URI}  !=/server-status
RewriteCond %{SERVER_PORT}  !=443
RewriteRule ^/(.*)$ https://online.domain.com/$1 [R=301,L]
RewriteRule ^/$ https://online.domain.com/home [R=301,L]
RewriteCond %{HTTP_HOST}   !^online\.domain\.com [NC]
RewriteCond %{HTTP_HOST}   !=""
RewriteRule ^/(.*)  http://online.domain.com:%{SERVER_PORT}/$1 [R=301,L]

-- 
Robert

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org