You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Ian Kluft <ik...@cisco.com> on 1998/02/27 06:05:08 UTC

unqualified names (was: more IIS tricks...)

> From: Dean Gaudet <dg...@arctic.org>
>[...] 
> I cringe when my coworkers refer to our internal webserver by its
> unqualified name.  They've no idea why I'm cringing.  I'm probably the
> only one there that uses the FQDN.  These aren't dumb users either,
> they're just not aware what's going on behind the scenes.  If we ever use
> authentication or cookies on this server... boy will they be annoyed at
> how broken they are with unqualified names. 
>[...] 

You can use mod_rewrite to detect when your server is called by an
unqualified host name.  There are two obvious choices if you do that:
either redirect it to the equivalent fully-qualified name or redirect
it to a page scolding them for using an unqualified name.  ;-)

I've used stuff like this for a couple years...
------------------------------------------------------------------------------
RewriteCond %{HTTP_HOST} !^fully.qualified.domain.name
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{SERVER_PORT} !^80$
RewriteRule ^/(.*) http://fully.qualified.domain.name:%{SERVER_PORT}/$1 [L,R]
 
RewriteCond %{HTTP_HOST} !^fully.qualified.domain.name
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/(.*) http://fully.qualified.domain.name/$1 [L,R]
------------------------------------------------------------------------------

That redirects anything not using a host's FQDN to use the FQDN.  The
two sets of entries handle the separate cases of whether or not to use
a port number in the redirect or omit it for Port 80.

In particular, this was to eliminate complaints from internal users over
what seemed to them like random additional password challenges.  They were
caused when the users would follow links that used names like
    blah			(just a careless unqualified host name)
    older-name-for-blah		(older careless unqualified host name)
    blah.cisco.com		(correct name)
    older-name-for-blah.cisco.com (out-of-date link using FQDN)
    blah-ether.cisco.com   (apparently someone used reverse DNS to get this)
    blah-fddi.cisco.com	   (apparently someone used reverse DNS to get this)

Since the names weren't identical, the browser assumed they were different
hosts and repeated the password challenges.  That was all fixed with the
rewrite rules listed above.  (They eliminated a really annoying source
of complaints for our internal support people.)

However, in your case, you may want to use a variation on this to redirect
them to a page where you chastise them for using a unqualified host name. :-)
-- 
Ian Kluft  KO6YQ PP-ASEL                                  Cisco Systems, Inc.
ikluft@cisco.com (work)  ikluft@thunder.sbay.org (home)          San Jose, CA

Re: unqualified names (was: more IIS tricks...)

Posted by Dean Gaudet <dg...@arctic.org>.

On Thu, 26 Feb 1998, Ian Kluft wrote:

> However, in your case, you may want to use a variation on this to redirect
> them to a page where you chastise them for using a unqualified host name. :-)

Yeah this is one of the things I love about mod_rewrite... but since I'm
not in MIS at the new place I'll just ignore the problem :)  (at least
until they come bug me saying "but apache is broken and forcing auth
twice!") 

Dean