You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by David Mehler <da...@gmail.com> on 2018/02/17 16:22:11 UTC

[users@httpd] rewrite not working, still going https

Hello,

I'm trying to get apache 2.4 not to rewrite urls with
.well-known/acme-challenge in them. I do not want these urls
redirected to https but all other urls to do so. Everytime I think
I've got this renewing a letsencrypt certificate fails.

If anyone sees a glaringly obvious error i'd appreciate knowing about it.

Thanks.
Dave.
httpd.conf fragment
# Access to .well-known for acme-challenge keys
        <Directory "/usr/local/www/.well-known/">
           Options None
           AllowOverride None
           Require all granted
           Header add Content-Type text/plain
<LimitExcept GET POST HEAD>
Require all denied
</LimitExcept>
        </Directory>

#
# Virtual host file
    # share well-known for renewal via Let's Encrypt!
    Alias "/.well-known/" "/usr/local/www/.well-known/"

 <IfModule mod_rewrite.c>
      RewriteEngine On
      RewriteCond %(REQUEST_URI) !/\.well\-known/acme\-challenge/?.*
      RewriteCond %{HTTPS} off
      RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    </IfModule>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] rewrite not working, still going https

Posted by Frank Gingras <th...@apache.org>.

There are a few hints that the user is new to mod_rewrite and PCRE too: no
need to escape the '-' in an expression, not using a substring match with
the RewriteCond (or just anchoring it at the beginning), and you can match
^ instead of a wildcard. And for 301's, always test with curl to bypass
your browser cache.

On Sat, Feb 17, 2018 at 12:44 PM, Eric Covener <co...@gmail.com> wrote:

> LogLevel rewrite:trace8 would help here.
>
> On Sat, Feb 17, 2018 at 11:22 AM, David Mehler <da...@gmail.com>
> wrote:
> > Hello,
> >
> > I'm trying to get apache 2.4 not to rewrite urls with
> > .well-known/acme-challenge in them. I do not want these urls
> > redirected to https but all other urls to do so. Everytime I think
> > I've got this renewing a letsencrypt certificate fails.
> >
> > If anyone sees a glaringly obvious error i'd appreciate knowing about it.
> >
> > Thanks.
> > Dave.
> > httpd.conf fragment
> > # Access to .well-known for acme-challenge keys
> >         <Directory "/usr/local/www/.well-known/">
> >            Options None
> >            AllowOverride None
> >            Require all granted
> >            Header add Content-Type text/plain
> > <LimitExcept GET POST HEAD>
> > Require all denied
> > </LimitExcept>
> >         </Directory>
> >
> > #
> > # Virtual host file
> >     # share well-known for renewal via Let's Encrypt!
> >     Alias "/.well-known/" "/usr/local/www/.well-known/"
> >
> >  <IfModule mod_rewrite.c>
> >       RewriteEngine On
> >       RewriteCond %(REQUEST_URI) !/\.well\-known/acme\-challenge/?.*
> >       RewriteCond %{HTTPS} off
> >       RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
> >     </IfModule>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
>
>
> --
> Eric Covener
> covener@gmail.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Re: [users@httpd] rewrite not working, still going https

Posted by Eric Covener <co...@gmail.com>.

LogLevel rewrite:trace8 would help here.

On Sat, Feb 17, 2018 at 11:22 AM, David Mehler <da...@gmail.com> wrote:
> Hello,
>
> I'm trying to get apache 2.4 not to rewrite urls with
> .well-known/acme-challenge in them. I do not want these urls
> redirected to https but all other urls to do so. Everytime I think
> I've got this renewing a letsencrypt certificate fails.
>
> If anyone sees a glaringly obvious error i'd appreciate knowing about it.
>
> Thanks.
> Dave.
> httpd.conf fragment
> # Access to .well-known for acme-challenge keys
>         <Directory "/usr/local/www/.well-known/">
>            Options None
>            AllowOverride None
>            Require all granted
>            Header add Content-Type text/plain
> <LimitExcept GET POST HEAD>
> Require all denied
> </LimitExcept>
>         </Directory>
>
> #
> # Virtual host file
>     # share well-known for renewal via Let's Encrypt!
>     Alias "/.well-known/" "/usr/local/www/.well-known/"
>
>  <IfModule mod_rewrite.c>
>       RewriteEngine On
>       RewriteCond %(REQUEST_URI) !/\.well\-known/acme\-challenge/?.*
>       RewriteCond %{HTTPS} off
>       RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
>     </IfModule>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>



-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org