I thought I understood how to use apache's rewriting rules to force certain pages to https, but it's not working. I've compared my .conf file to others online, and it looks right to me.
This is my /etc/httpd/conf.d/force-ssl.conf file: ------- # Rewrite Rules. RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^/mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
#Debug rewrite rules RewriteLog /etc/httpd/logs/rewrite_engine_log RewriteLogLevel 3 ------- The idea is to take any URL under /webmail or /mailman and redirect it to https, so that, for example,
http://www.concretecomputing.com/webmail/
gets redirected to the same page, but using https. It doesn't happen.
SSL is working; if I type in the https it works fine. But no redirection is happening. I have restarted Apache uneventfully. What did I do wrong?
Thanks, Matt
On Tue, 2005-07-26 at 13:26 -0400, Matt Morgan wrote:
RewriteRule ^/webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^/mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
I have never had good luck with mod_rewrite. I know there is a plugin for squirrelmail to do the switch over to https from http. As for mailman, I think it has an option built-in to it.
You just need to get rid of the leading slash in your patterns:
RewriteRule ^webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
Patrick
On 7/26/05, Nathan Grennan fedora-list@cygnusx-1.org wrote:
On Tue, 2005-07-26 at 13:26 -0400, Matt Morgan wrote:
RewriteRule ^/webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^/mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
I have never had good luck with mod_rewrite. I know there is a plugin for squirrelmail to do the switch over to https from http. As for mailman, I think it has an option built-in to it.
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
On 7/26/05, patrick gibblertron@gmail.com wrote:
On 7/26/05, Nathan Grennan fedora-list@cygnusx-1.org wrote:
On Tue, 2005-07-26 at 13:26 -0400, Matt Morgan wrote:
RewriteRule ^/webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^/mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
You just need to get rid of the leading slash in your patterns:
RewriteRule ^webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
Patrick
Didn't help!
All I have to do is edit the file and restart apache, correct?
On 7/26/05, Matt Morgan minxmertzmomo@gmail.com wrote:
On 7/26/05, patrick gibblertron@gmail.com wrote:
On 7/26/05, Nathan Grennan fedora-list@cygnusx-1.org wrote:
On Tue, 2005-07-26 at 13:26 -0400, Matt Morgan wrote:
RewriteRule ^/webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^/mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
You just need to get rid of the leading slash in your patterns:
RewriteRule ^webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
Patrick
Didn't help!
All I have to do is edit the file and restart apache, correct?
Another thought: is it possible I don't have mod_rewrite installed? How would I know? It doesn't show up in my rpm db like mod_ssl, but I get nothing when I do
yum install mod_rewrite
I get nothing. How do I know what apache modules are installed?
Oh, you perhaps need to turn on mod_rewrite:
RewriteEngine on ...
Patrick
On 7/26/05, Matt Morgan minxmertzmomo@gmail.com wrote:
On 7/26/05, patrick gibblertron@gmail.com wrote:
On 7/26/05, Nathan Grennan fedora-list@cygnusx-1.org wrote:
On Tue, 2005-07-26 at 13:26 -0400, Matt Morgan wrote:
RewriteRule ^/webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^/mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
You just need to get rid of the leading slash in your patterns:
RewriteRule ^webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
Patrick
Didn't help!
All I have to do is edit the file and restart apache, correct?
On Tue, 2005-07-26 at 15:54 -0400, Matt Morgan wrote:>
Another thought: is it possible I don't have mod_rewrite installed? How would I know? It doesn't show up in my rpm db like mod_ssl, but I get nothing when I do
If it's a stock FC[3] apache it is.
Are you sure you're loading the mod_rewrite module somewhere in the httpd.conf[s]?
LoadModule rewrite_module modules/mod_rewrite.so
$httpd -l
will list compiled in modules, but I 'm not sure how to see loaded modules besides browsing a phpinfo(); call:
<?php
phpinfo();
?>
If there is nothing useful in your rewrite logs at level 3, bump the log level up to 9 and check again.
-- Craig Thomas
On Tue, 2005-07-26 at 13:26 -0400, Matt Morgan wrote:
I thought I understood how to use apache's rewriting rules to force certain pages to https, but it's not working. I've compared my .conf file to others online, and it looks right to me.
This is my /etc/httpd/conf.d/force-ssl.conf file:
# Rewrite Rules. RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^/mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
#Debug rewrite rules RewriteLog /etc/httpd/logs/rewrite_engine_log RewriteLogLevel 3
The idea is to take any URL under /webmail or /mailman and redirect it to https, so that, for example,
http://www.concretecomputing.com/webmail/
gets redirected to the same page, but using https. It doesn't happen.
SSL is working; if I type in the https it works fine. But no redirection is happening. I have restarted Apache uneventfully. What did I do wrong?
Thanks, Matt
This is how I wrote mine for squirrelmail:
RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^/webmail(.*)$ https://%%7BSERVER_NAME%7D/webmail$1
Todd
# Rewrite Rules. RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^/mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
#Debug rewrite rules RewriteLog /etc/httpd/logs/rewrite_engine_log RewriteLogLevel 3
The idea is to take any URL under /webmail or /mailman and redirect it to https, so that, for example,
http://www.concretecomputing.com/webmail/
gets redirected to the same page, but using https. It doesn't happen.
<VirtualHost 192.168.1.46:80> ServerName localhost DocumentRoot /var/www/html DirectoryIndex index.html index.shtml RewriteEngine on RewriteCond %{SERVER_PORT} ^80$ RewriteRule ^/webmail(.*)$ https://192.168.1.46/webmail$1 [L,R] RewriteLog "/var/log/httpd/rewrite.log" RewriteLogLevel 4 </VirtualHost>
Replace ipaddress either with the fqdn or with the ipaddress of your machine.
I am also attaching the ssl.sxw file in which how to generate certiticates for http.
Regards
Ankush Grover
On 7/27/05, Ankush Grover ankush174@gmail.com wrote:
# Rewrite Rules. RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^/mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
#Debug rewrite rules RewriteLog /etc/httpd/logs/rewrite_engine_log RewriteLogLevel 3
The idea is to take any URL under /webmail or /mailman and redirect it to https, so that, for example,
http://www.concretecomputing.com/webmail/
gets redirected to the same page, but using https. It doesn't happen.
<VirtualHost 192.168.1.46:80> ServerName localhost DocumentRoot /var/www/html DirectoryIndex index.html index.shtml RewriteEngine on RewriteCond %{SERVER_PORT} ^80$ RewriteRule ^/webmail(.*)$ https://192.168.1.46/webmail$1 [L,R] RewriteLog "/var/log/httpd/rewrite.log" RewriteLogLevel 4
</VirtualHost>
Replace ipaddress either with the fqdn or with the ipaddress of your machine.
I am also attaching the ssl.sxw file in which how to generate certiticates for http.
Thanks to everyone for the help so far. Nothing has worked. My /etc/httpd/conf.d/force-ssl.conf file is now: ---- # Rewrite Rules. RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^/mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
#Debug rewrite rules RewriteLog /etc/httpd/logs/rewrite_engine_log RewriteLogLevel 9 ---- I didn't change the RewriteRule lines because:
1) Patrick's first suggestion, to remove the initial slash, shouldn't matter and in fact didn't change anything in testing. 2) %{SERVER_NAME} covers Ankush's suggestion about using ip or fqdn; if that part wasn't working I'd be getting redirected to the wrong place, but I'm not getting redirected anywhere. 3) Todd Wease's suggestion is nearly identical to what I have already. He left out a trailing slash in the pattern to match, but I've tried typing URLs both with and without the slash and it doesn't make a difference. His RewriteCond is equivalent to mine in my case where http runs on 80 only, and https on 443 only.
I did increase the RewriteLogLevel, but there no entries ever show up in that log file.
I have tried removing the "RewriteCond %{HTTPS} !=on" line, just in case, but that didn't make any difference.
I checked /etc/httpd/conf/httpd.conf and found the line "LoadModule rewrite_module modules/mod_rewrite.so" so that's good.
It was great of Ankush to send ssl cert instructions, but I already have that working; SSL is not the issue.
So what's going on here? As far as I can tell, mod_rewrite is just not doing what it has been told to do. It's like it's not even watching.
Thanks again, Matt
On 7/27/05, Matt Morgan minxmertzmomo@gmail.com wrote:
On 7/27/05, Ankush Grover ankush174@gmail.com wrote:
# Rewrite Rules. RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^/mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
#Debug rewrite rules RewriteLog /etc/httpd/logs/rewrite_engine_log RewriteLogLevel 3
The idea is to take any URL under /webmail or /mailman and redirect it to https, so that, for example,
http://www.concretecomputing.com/webmail/
gets redirected to the same page, but using https. It doesn't happen.
<VirtualHost 192.168.1.46:80> ServerName localhost DocumentRoot /var/www/html DirectoryIndex index.html index.shtml RewriteEngine on RewriteCond %{SERVER_PORT} ^80$ RewriteRule ^/webmail(.*)$ https://192.168.1.46/webmail$1 [L,R] RewriteLog "/var/log/httpd/rewrite.log" RewriteLogLevel 4
</VirtualHost>
Replace ipaddress either with the fqdn or with the ipaddress of your machine.
I am also attaching the ssl.sxw file in which how to generate certiticates for http.
. 2) %{SERVER_NAME} covers Ankush's suggestion about using ip or fqdn; if that part wasn't working I'd be getting redirected to the wrong place, but I'm not getting redirected anywhere.
I did increase the RewriteLogLevel, but there no entries ever show up in that log file.
I have tried removing the "RewriteCond %{HTTPS} !=on" line, just in case, but that didn't make any difference.
<VirtualHost 192.168.1.46:80> ServerName localhost DocumentRoot /var/www/html DirectoryIndex index.html index.shtml RewriteEngine on RewriteCond %{SERVER_PORT} ^80$ RewriteRule ^/webmail(.*)$ https://192.168.1.46/webmail$1 [L,R] RewriteLog "/var/log/httpd/rewrite.log" RewriteLogLevel 4 </VirtualHost>
The code given by me is running on 2 servers in my network.We have few applications of our own and I have done the rewriting rules for those.Most important it is working for webmail in my domain.
It will be good if you can attach your httpd.conf file
Regards
Ankush Grover
On 7/27/05, Ankush Grover ankush174@gmail.com wrote:
On 7/27/05, Matt Morgan minxmertzmomo@gmail.com wrote:
On 7/27/05, Ankush Grover ankush174@gmail.com wrote:
# Rewrite Rules. RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/webmail/(.*) https://%%7BSERVER_NAME%7D/webmail/$1 [R,L] RewriteRule ^/mailman/(.*) https://%%7BSERVER_NAME%7D/mailman/$1 [R,L]
#Debug rewrite rules RewriteLog /etc/httpd/logs/rewrite_engine_log RewriteLogLevel 3
The idea is to take any URL under /webmail or /mailman and redirect it to https, so that, for example,
http://www.concretecomputing.com/webmail/
gets redirected to the same page, but using https. It doesn't happen.
<VirtualHost 192.168.1.46:80> ServerName localhost DocumentRoot /var/www/html DirectoryIndex index.html index.shtml RewriteEngine on RewriteCond %{SERVER_PORT} ^80$ RewriteRule ^/webmail(.*)$ https://192.168.1.46/webmail$1 [L,R] RewriteLog "/var/log/httpd/rewrite.log" RewriteLogLevel 4
</VirtualHost>
Replace ipaddress either with the fqdn or with the ipaddress of your machine.
I am also attaching the ssl.sxw file in which how to generate certiticates for http.
. 2) %{SERVER_NAME} covers Ankush's suggestion about using ip or fqdn; if that part wasn't working I'd be getting redirected to the wrong place, but I'm not getting redirected anywhere.
I did increase the RewriteLogLevel, but there no entries ever show up in that log file.
I have tried removing the "RewriteCond %{HTTPS} !=on" line, just in case, but that didn't make any difference.
<VirtualHost 192.168.1.46:80> ServerName localhost DocumentRoot /var/www/html DirectoryIndex index.html index.shtml RewriteEngine on RewriteCond %{SERVER_PORT} ^80$ RewriteRule ^/webmail(.*)$ https://192.168.1.46/webmail$1 [L,R] RewriteLog "/var/log/httpd/rewrite.log" RewriteLogLevel 4
</VirtualHost>
The code given by me is running on 2 servers in my network.We have few applications of our own and I have done the rewriting rules for those.Most important it is working for webmail in my domain.
It will be good if you can attach your httpd.conf file
Ankush, I didn't mean to say there was anything wrong with what you sent. Only that it's almsot exactly what I was doing, and it wasn't working for me.
I finally switched to using RedirectMatch instead of RewriteRule. That works.
Thanks, everyone.
-
Ankush Grover -
Craig Thomas -
Matt Morgan -
Nathan Grennan -
patrick -
Todd Wease