You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Peter Clark <pe...@bethel.edu> on 2004/12/20 15:59:06 UTC

[users@httpd] Redirecting http traffic to an https virtual host

    I have been reassured by the documentation that this is an easy problem, 
but for some reason I'm not having much luck. I'm running Apache 2.0.52 on 
Debian Sarge, and I want to use Squirrelmail with SSL. No problems running 
Squirrelmail at https://webmail.mydomain.tld. But what I want is for all 
requests to http://webmail.mydomain.tld to be redirected to https://. Here's 
where I run into trouble. /etc/apache2/httpd.conf has the line 
"NameVirtualHost 1.2.3.4" and I have the virtual domain for 
webmail.mydomain.tld stored in /etc/apache2/sites-available/webmail:
---
/etc/apache2/sites-available/webmail:
<Directory /var/www/webmail>
  php_flag register_globals off
  Options Indexes FollowSymLinks
  <IfModule mod_dir.c>
    DirectoryIndex index.php
  </IfModule>
</Directory>

# users will prefer a simple URL like http://webmail.example.com
<VirtualHost webmail.mydomain.tld:443>
  SSLEngine on
  SSLCertificateFile /etc/ssl/mydomain.tld/Cert.pem
  SSLCertificateKeyFile /etc/ssl/mydomain.tld/PrivateKey.pem
  DocumentRoot /var/www/webmail
  ServerName webmail.mydomain.tld
  ServerAdmin postmaster@mydomain.tld
</VirtualHost>

<VirtualHost webmail.mydomain.tld:80>
  ServerName webmail.mydomain.tld
  Redirect permanent / https://webmail.mydomain.tld
</VirtualHost>
---
    If I have /etc/apache2/sites-available/webmail set up like this, I get the 
following error when trying to start Apache:
---
Starting web server: Apache2[Mon Dec 20 14:44:46 2004] [error] VirtualHost 
webmail.mydomain.tld:80-- mixing * ports and non-* ports with a 
NameVirtualHost address is not supported, proceeding with undefined results
[Mon Dec 20 14:44:46 2004] [error] VirtualHost webmail.mydomain.tld:443 -- 
mixing * ports and non-* ports with a NameVirtualHost address is not 
supported, proceeding with undefined results  
---
However, if I comment out the "<VirtualHost webmail.mydomain.tld:80>" and 
following lines, and change "<VirtualHost webmail.mydomain.tld:443>" to 
"<VirtualHost webmail.mydomain.tld>", traffic to http://webmail.mydomain.tld 
isn't redirected.
    I also tried putting an .htaccess file in /var/www/webmail (which is a 
symbolic link to /usr/share/squirrelmail, Squirrelmail's home directory) with 
the following contents:
---
DirectoryIndex index.php

<IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteCond %{SERVER_PORT}      !^443$
        RewriteRule ^(.*)$      https://%{SERVER_NAME}/webmail/$1 [L,R=303]
</IfModule>
---
But still traffic isn't redirected. I've checked that mod_rewrite is enabled. 
So what obvious thing am I missing?
    Thanks,
    :Peter

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Redirecting http traffic to an https virtual host

Posted by apache <ap...@ayni.com>.

Hi Peter
i have many such web instancies, which are redirected from http to 
https. that saves me much anger because i don't need to tell people, 
that they better go https.

i do it defining two virtual webs (one http and one https) and putting 
in the http web only a refer.html which instantly refers to the https 
web. I have read in these news, that this may not be optimal, since if i 
put a refer.html in the first web, it depends on the browser, how well 
and if at all the user is rerouted. well, you may do it with a static 
reroute.

suomi


Peter Clark wrote:

>    I have been reassured by the documentation that this is an easy problem, 
>but for some reason I'm not having much luck. I'm running Apache 2.0.52 on 
>Debian Sarge, and I want to use Squirrelmail with SSL. No problems running 
>Squirrelmail at https://webmail.mydomain.tld. But what I want is for all 
>requests to http://webmail.mydomain.tld to be redirected to https://. Here's 
>where I run into trouble. /etc/apache2/httpd.conf has the line 
>"NameVirtualHost 1.2.3.4" and I have the virtual domain for 
>webmail.mydomain.tld stored in /etc/apache2/sites-available/webmail:
>---
>/etc/apache2/sites-available/webmail:
><Directory /var/www/webmail>
>  php_flag register_globals off
>  Options Indexes FollowSymLinks
>  <IfModule mod_dir.c>
>    DirectoryIndex index.php
>  </IfModule>
></Directory>
>
># users will prefer a simple URL like http://webmail.example.com
><VirtualHost webmail.mydomain.tld:443>
>  SSLEngine on
>  SSLCertificateFile /etc/ssl/mydomain.tld/Cert.pem
>  SSLCertificateKeyFile /etc/ssl/mydomain.tld/PrivateKey.pem
>  DocumentRoot /var/www/webmail
>  ServerName webmail.mydomain.tld
>  ServerAdmin postmaster@mydomain.tld
></VirtualHost>
>
><VirtualHost webmail.mydomain.tld:80>
>  ServerName webmail.mydomain.tld
>  Redirect permanent / https://webmail.mydomain.tld
></VirtualHost>
>---
>    If I have /etc/apache2/sites-available/webmail set up like this, I get the 
>following error when trying to start Apache:
>---
>Starting web server: Apache2[Mon Dec 20 14:44:46 2004] [error] VirtualHost 
>webmail.mydomain.tld:80-- mixing * ports and non-* ports with a 
>NameVirtualHost address is not supported, proceeding with undefined results
>[Mon Dec 20 14:44:46 2004] [error] VirtualHost webmail.mydomain.tld:443 -- 
>mixing * ports and non-* ports with a NameVirtualHost address is not 
>supported, proceeding with undefined results  
>---
>However, if I comment out the "<VirtualHost webmail.mydomain.tld:80>" and 
>following lines, and change "<VirtualHost webmail.mydomain.tld:443>" to 
>"<VirtualHost webmail.mydomain.tld>", traffic to http://webmail.mydomain.tld 
>isn't redirected.
>    I also tried putting an .htaccess file in /var/www/webmail (which is a 
>symbolic link to /usr/share/squirrelmail, Squirrelmail's home directory) with 
>the following contents:
>---
>DirectoryIndex index.php
>
><IfModule mod_rewrite.c>
>        RewriteEngine On
>        RewriteCond %{SERVER_PORT}      !^443$
>        RewriteRule ^(.*)$      https://%{SERVER_NAME}/webmail/$1 [L,R=303]
></IfModule>
>---
>But still traffic isn't redirected. I've checked that mod_rewrite is enabled. 
>So what obvious thing am I missing?
>    Thanks,
>    :Peter
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>  
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Redirecting http traffic to an https virtual host

Posted by John Moore <jo...@pdsi-software.com>.

Peter,

Here is what I have in production today on a Apache 2.0.X server.  This 
is within a VirtualHost.   Suggest defining a rewrite log and setting 
logging level high to see what's going on behind the scene if this 
doesn't work for you.

John

<Location "/xyz">
    RewriteEngine on
    RewriteCond %{SERVER_PORT} !=443
    RewriteRule ^.*/xyz(.*)$ https://%{SERVER_NAME}/xyz$1 [R]
</Location>


Peter Clark wrote:
>
>     I have been reassured by the documentation that this is an easy 
> problem,
> but for some reason I'm not having much luck. I'm running Apache 
> 2.0.52 on
> Debian Sarge, and I want to use Squirrelmail with SSL. No problems 
> running
> Squirrelmail at https://webmail.mydomain.tld. But what I want is for all
> requests to http://webmail.mydomain.tld to be redirected to https://. 
> Here's
> where I run into trouble. /etc/apache2/httpd.conf has the line
> "NameVirtualHost 1.2.3.4" and I have the virtual domain for
> webmail.mydomain.tld stored in /etc/apache2/sites-available/webmail:
> ---
> /etc/apache2/sites-available/webmail:
> <Directory /var/www/webmail>
>   php_flag register_globals off
>   Options Indexes FollowSymLinks
>   <IfModule mod_dir.c>
>     DirectoryIndex index.php
>   </IfModule>
> </Directory>
>
> # users will prefer a simple URL like http://webmail.example.com
> <VirtualHost webmail.mydomain.tld:443>
>   SSLEngine on
>   SSLCertificateFile /etc/ssl/mydomain.tld/Cert.pem
>   SSLCertificateKeyFile /etc/ssl/mydomain.tld/PrivateKey.pem
>   DocumentRoot /var/www/webmail
>   ServerName webmail.mydomain.tld
>   ServerAdmin postmaster@mydomain.tld
> </VirtualHost>
>
> <VirtualHost webmail.mydomain.tld:80>
>   ServerName webmail.mydomain.tld
>   Redirect permanent / https://webmail.mydomain.tld
> </VirtualHost>
> ---
>     If I have /etc/apache2/sites-available/webmail set up like this, I 
> get the
> following error when trying to start Apache:
> ---
> Starting web server: Apache2[Mon Dec 20 14:44:46 2004] [error] 
> VirtualHost
> webmail.mydomain.tld:80-- mixing * ports and non-* ports with a
> NameVirtualHost address is not supported, proceeding with undefined 
> results
> [Mon Dec 20 14:44:46 2004] [error] VirtualHost 
> webmail.mydomain.tld:443 --
> mixing * ports and non-* ports with a NameVirtualHost address is not
> supported, proceeding with undefined results 
> ---
> However, if I comment out the "<VirtualHost webmail.mydomain.tld:80>" and
> following lines, and change "<VirtualHost webmail.mydomain.tld:443>" to
> "<VirtualHost webmail.mydomain.tld>", traffic to 
> http://webmail.mydomain.tld
> isn't redirected.
>     I also tried putting an .htaccess file in /var/www/webmail (which 
> is a
> symbolic link to /usr/share/squirrelmail, Squirrelmail's home 
> directory) with
> the following contents:
> ---
> DirectoryIndex index.php
>
> <IfModule mod_rewrite.c>
>         RewriteEngine On
>         RewriteCond %{SERVER_PORT}      !^443$
>         RewriteRule ^(.*)$      https://%{SERVER_NAME}/webmail/$1 
> [L,R=303]
> </IfModule>
> ---
> But still traffic isn't redirected. I've checked that mod_rewrite is 
> enabled.
> So what obvious thing am I missing?
>     Thanks,
>     :Peter
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server 
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org