[BlueOnyx:11784] Re: Web Alias Redirects with SSL

[Carl E. Hartung]

On Wed, 12 Dec 2012 09:42:13 -0500
Robert Fitzpatrick <robert at webtent.org> wrote:

> On 12/11/2012 11:54 PM, Carl E. Hartung wrote:
> > On Tue, 11 Dec 2012 14:39:27 -0500
> > Robert Fitzpatrick <robert at webtent.org> wrote:
> > 
> >> Having the worst time trying to get SSL to redirect to the proper
> >> host name of the cert when no host is used (i.e.: https://vsite.com
> >> redirect to https://host.vsite.com). The 'Web Alias Redirects'
> >> don't seem to work when using SSL. Using http, the redirects work
> >> just fine, but with https, it does not redirect. I have not been
> >> able to get Rewrite rules to work in the sites .htaccess file even
> >> though AllowOverride All and Options All have been enabled in the
> >> GUI under Server Management -> Network Services -> Web settings.
> >> Is it possible to get SSL to redirect? I have tried on a 5106 and
> >> 5108 server.
> >>
> >> Thanks, Robert
> > 
> > I was expecting to see some replies here for you by now, Robert.
> > Since I don't, I'll share the links I use (because they always
> > help):
> > 
> > http://httpd.apache.org/docs/2.2/rewrite/
> > 
> > http://www.askapache.com/htaccess/mod_rewrite-variables-cheatsheet.html
> > 
> > http://httpd.apache.org/docs/2.2/rewrite/flags.html
> > 
> > and
> > 
> > http://www.zeitnitz.de/Christian/rewrite
> > 
> 
> Thanks Carl, just wanna make sure I understand what needs to be done.
> You have the Rewrite directive working in a .htaccess file on a
> Blueonyx server?
> 
> I have examined the docs you sent, thank you, and put together a very
> basic Rewrite in the .htaccess file of a virtual site and when
> browsing to https://vsite.com/ (substituting vsite for actual domain
> name), no redirect happens at all and no errors or messages in the
> /var/log/httpd/error_log file.

Hi Robert,

I'm no expert by any stretch of the imagination :-) but I've studied
and used those reference pages many, many times.

Comments interspersed:

> <IfModule mod_rewrite.c>

I've read that forcing the server to check for the availability of
mod_rewrite at every page request is wasted time and unnecessary load.
YMMV, but after I've confirmed the module is working, I drop the
'<IfModule ...> ... </IfModule>' conditional. 

>   RewriteEngine On
>   RewriteCond %{HTTP_HOST}     =vsite.com
>   RewriteCond %{SERVER_PORT}   =443

My understanding is these entries take the form 'condition' then
'rule', i.e.:

    RewriteCond
    RewriteRule

not 'condition', 'condition' then 'rule'. It /may/ be possible and
appropriate to nest these entries in the manner that you're attempting,
I just can't recall off the top of my head if I've seen it done that
way before.

I also think it is unnecessary to specify port 443 along with the
protocol 'https' as that is the default port.

>   RewriteRule ^/(.*)$          https://www.vsite.com/$1 [L,R]
> </IfModule>
> 
> Am I doing this wrong? Appreciate any help. As I mentioned before, I
> have AllowOverride and Options both set to All in the GUI.
> 
> Thanks, Robert

I'm not sure I understand exactly what your objective is, but I can
provide an example from a live site (changed domain, of course) for you
to compare against:

- - - - - 8< - - - - -
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.exampledomain.com$
RewriteRule ^(.*)$ http://www.exampledomain.com/$1 [R=301]
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
- - - - - 8< - - - - -

The first condition and rewrite rule corrects incoming requests that
omit the leading 'www.'

The second pair forces https protocol.

I hope this helps and good luck!

Carl