You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Peter Clark <pe...@bethel.edu> on 2004/12/20 15:59:06 UTC
[users@httpd] Redirecting http traffic to an https virtual host
I have been reassured by the documentation that this is an easy problem,
but for some reason I'm not having much luck. I'm running Apache 2.0.52 on
Debian Sarge, and I want to use Squirrelmail with SSL. No problems running
Squirrelmail at https://webmail.mydomain.tld. But what I want is for all
requests to http://webmail.mydomain.tld to be redirected to https://. Here's
where I run into trouble. /etc/apache2/httpd.conf has the line
"NameVirtualHost 1.2.3.4" and I have the virtual domain for
webmail.mydomain.tld stored in /etc/apache2/sites-available/webmail:
---
/etc/apache2/sites-available/webmail:
<Directory /var/www/webmail>
php_flag register_globals off
Options Indexes FollowSymLinks
<IfModule mod_dir.c>
DirectoryIndex index.php
</IfModule>
</Directory>
# users will prefer a simple URL like http://webmail.example.com
<VirtualHost webmail.mydomain.tld:443>
SSLEngine on
SSLCertificateFile /etc/ssl/mydomain.tld/Cert.pem
SSLCertificateKeyFile /etc/ssl/mydomain.tld/PrivateKey.pem
DocumentRoot /var/www/webmail
ServerName webmail.mydomain.tld
ServerAdmin postmaster@mydomain.tld
</VirtualHost>
<VirtualHost webmail.mydomain.tld:80>
ServerName webmail.mydomain.tld
Redirect permanent / https://webmail.mydomain.tld
</VirtualHost>
---
If I have /etc/apache2/sites-available/webmail set up like this, I get the
following error when trying to start Apache:
---
Starting web server: Apache2[Mon Dec 20 14:44:46 2004] [error] VirtualHost
webmail.mydomain.tld:80-- mixing * ports and non-* ports with a
NameVirtualHost address is not supported, proceeding with undefined results
[Mon Dec 20 14:44:46 2004] [error] VirtualHost webmail.mydomain.tld:443 --
mixing * ports and non-* ports with a NameVirtualHost address is not
supported, proceeding with undefined results
---
However, if I comment out the "<VirtualHost webmail.mydomain.tld:80>" and
following lines, and change "<VirtualHost webmail.mydomain.tld:443>" to
"<VirtualHost webmail.mydomain.tld>", traffic to http://webmail.mydomain.tld
isn't redirected.
I also tried putting an .htaccess file in /var/www/webmail (which is a
symbolic link to /usr/share/squirrelmail, Squirrelmail's home directory) with
the following contents:
---
DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{SERVER_NAME}/webmail/$1 [L,R=303]
</IfModule>
---
But still traffic isn't redirected. I've checked that mod_rewrite is enabled.
So what obvious thing am I missing?
Thanks,
:Peter
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Redirecting http traffic to an https virtual host
Posted by apache <ap...@ayni.com>.
Hi Peter
i have many such web instancies, which are redirected from http to
https. that saves me much anger because i don't need to tell people,
that they better go https.
i do it defining two virtual webs (one http and one https) and putting
in the http web only a refer.html which instantly refers to the https
web. I have read in these news, that this may not be optimal, since if i
put a refer.html in the first web, it depends on the browser, how well
and if at all the user is rerouted. well, you may do it with a static
reroute.
suomi
Peter Clark wrote:
> I have been reassured by the documentation that this is an easy problem,
>but for some reason I'm not having much luck. I'm running Apache 2.0.52 on
>Debian Sarge, and I want to use Squirrelmail with SSL. No problems running
>Squirrelmail at https://webmail.mydomain.tld. But what I want is for all
>requests to http://webmail.mydomain.tld to be redirected to https://. Here's
>where I run into trouble. /etc/apache2/httpd.conf has the line
>"NameVirtualHost 1.2.3.4" and I have the virtual domain for
>webmail.mydomain.tld stored in /etc/apache2/sites-available/webmail:
>---
>/etc/apache2/sites-available/webmail:
><Directory /var/www/webmail>
> php_flag register_globals off
> Options Indexes FollowSymLinks
> <IfModule mod_dir.c>
> DirectoryIndex index.php
> </IfModule>
></Directory>
>
># users will prefer a simple URL like http://webmail.example.com
><VirtualHost webmail.mydomain.tld:443>
> SSLEngine on
> SSLCertificateFile /etc/ssl/mydomain.tld/Cert.pem
> SSLCertificateKeyFile /etc/ssl/mydomain.tld/PrivateKey.pem
> DocumentRoot /var/www/webmail
> ServerName webmail.mydomain.tld
> ServerAdmin postmaster@mydomain.tld
></VirtualHost>
>
><VirtualHost webmail.mydomain.tld:80>
> ServerName webmail.mydomain.tld
> Redirect permanent / https://webmail.mydomain.tld
></VirtualHost>
>---
> If I have /etc/apache2/sites-available/webmail set up like this, I get the
>following error when trying to start Apache:
>---
>Starting web server: Apache2[Mon Dec 20 14:44:46 2004] [error] VirtualHost
>webmail.mydomain.tld:80-- mixing * ports and non-* ports with a
>NameVirtualHost address is not supported, proceeding with undefined results
>[Mon Dec 20 14:44:46 2004] [error] VirtualHost webmail.mydomain.tld:443 --
>mixing * ports and non-* ports with a NameVirtualHost address is not
>supported, proceeding with undefined results
>---
>However, if I comment out the "<VirtualHost webmail.mydomain.tld:80>" and
>following lines, and change "<VirtualHost webmail.mydomain.tld:443>" to
>"<VirtualHost webmail.mydomain.tld>", traffic to http://webmail.mydomain.tld
>isn't redirected.
> I also tried putting an .htaccess file in /var/www/webmail (which is a
>symbolic link to /usr/share/squirrelmail, Squirrelmail's home directory) with
>the following contents:
>---
>DirectoryIndex index.php
>
><IfModule mod_rewrite.c>
> RewriteEngine On
> RewriteCond %{SERVER_PORT} !^443$
> RewriteRule ^(.*)$ https://%{SERVER_NAME}/webmail/$1 [L,R=303]
></IfModule>
>---
>But still traffic isn't redirected. I've checked that mod_rewrite is enabled.
>So what obvious thing am I missing?
> Thanks,
> :Peter
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Redirecting http traffic to an https virtual host
Posted by John Moore <jo...@pdsi-software.com>.
Peter,
Here is what I have in production today on a Apache 2.0.X server. This
is within a VirtualHost. Suggest defining a rewrite log and setting
logging level high to see what's going on behind the scene if this
doesn't work for you.
John
<Location "/xyz">
RewriteEngine on
RewriteCond %{SERVER_PORT} !=443
RewriteRule ^.*/xyz(.*)$ https://%{SERVER_NAME}/xyz$1 [R]
</Location>
Peter Clark wrote:
>
> I have been reassured by the documentation that this is an easy
> problem,
> but for some reason I'm not having much luck. I'm running Apache
> 2.0.52 on
> Debian Sarge, and I want to use Squirrelmail with SSL. No problems
> running
> Squirrelmail at https://webmail.mydomain.tld. But what I want is for all
> requests to http://webmail.mydomain.tld to be redirected to https://.
> Here's
> where I run into trouble. /etc/apache2/httpd.conf has the line
> "NameVirtualHost 1.2.3.4" and I have the virtual domain for
> webmail.mydomain.tld stored in /etc/apache2/sites-available/webmail:
> ---
> /etc/apache2/sites-available/webmail:
> <Directory /var/www/webmail>
> php_flag register_globals off
> Options Indexes FollowSymLinks
> <IfModule mod_dir.c>
> DirectoryIndex index.php
> </IfModule>
> </Directory>
>
> # users will prefer a simple URL like http://webmail.example.com
> <VirtualHost webmail.mydomain.tld:443>
> SSLEngine on
> SSLCertificateFile /etc/ssl/mydomain.tld/Cert.pem
> SSLCertificateKeyFile /etc/ssl/mydomain.tld/PrivateKey.pem
> DocumentRoot /var/www/webmail
> ServerName webmail.mydomain.tld
> ServerAdmin postmaster@mydomain.tld
> </VirtualHost>
>
> <VirtualHost webmail.mydomain.tld:80>
> ServerName webmail.mydomain.tld
> Redirect permanent / https://webmail.mydomain.tld
> </VirtualHost>
> ---
> If I have /etc/apache2/sites-available/webmail set up like this, I
> get the
> following error when trying to start Apache:
> ---
> Starting web server: Apache2[Mon Dec 20 14:44:46 2004] [error]
> VirtualHost
> webmail.mydomain.tld:80-- mixing * ports and non-* ports with a
> NameVirtualHost address is not supported, proceeding with undefined
> results
> [Mon Dec 20 14:44:46 2004] [error] VirtualHost
> webmail.mydomain.tld:443 --
> mixing * ports and non-* ports with a NameVirtualHost address is not
> supported, proceeding with undefined results
> ---
> However, if I comment out the "<VirtualHost webmail.mydomain.tld:80>" and
> following lines, and change "<VirtualHost webmail.mydomain.tld:443>" to
> "<VirtualHost webmail.mydomain.tld>", traffic to
> http://webmail.mydomain.tld
> isn't redirected.
> I also tried putting an .htaccess file in /var/www/webmail (which
> is a
> symbolic link to /usr/share/squirrelmail, Squirrelmail's home
> directory) with
> the following contents:
> ---
> DirectoryIndex index.php
>
> <IfModule mod_rewrite.c>
> RewriteEngine On
> RewriteCond %{SERVER_PORT} !^443$
> RewriteRule ^(.*)$ https://%{SERVER_NAME}/webmail/$1
> [L,R=303]
> </IfModule>
> ---
> But still traffic isn't redirected. I've checked that mod_rewrite is
> enabled.
> So what obvious thing am I missing?
> Thanks,
> :Peter
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org