Apache + plesk vhost problem: .htaccess ignored!

.htaccessapache-2.2redirect

i have a problem with a simple apache configuration.

When the user ask for https://mydomain.com i have to redirect it to https://www.mydomain.com, becose my https certificate is valid just for the domain with www.

I create the vhost.conf into my /var/www/vhosts/mydomain.com/conf/ directory, with inside:

<Directory /var/www/vhosts/mydomain.com/httpsdocs>
    AllowOverride All
</Directory>

And my .htaccess file into the /var/www/vhosts/mydomain.com/httpsdocs/ is:

RewriteEngine on
RewriteCond %{HTTPS_HOST} ^mydomain\.com
RewriteRule ^(.*)$ https://www.mydomain.com/$1 [R=301,L]

But seem like the .htaccess is completely ignored.

Any idea?

Best Answer

The order of an https connection is roughly

  1. user types https://mydomain.com into address bar - browser resolves this to IP address 1.1.1.1
  2. Browser opens connection to 1.1.1.1 on port 443.
  3. Server sends www.mydomain.com certificate - browser checks against the host name "mydomain.com"
  4. Browser displays error message, user clicks "OK/continue/etc".
  5. Browser sends HTTP request through the SSL connection, including the Host: header "mydomain.com"
  6. mod_rewrite uses the rules in your htaccess file to send a redirect.

So the error message would already have happened before the connection gets far enough for mod_rewrite to act. To stop errors occurring, you'd have to get a certificate with Subject Alternate Names (i.e. works for both www and non-www), or use SNI (adds an extra step in the SSL negotiation where the browser can tell Apache which hostname it wants, and Apache can choose the appropriate certificate).

Also, the variable is always called %{HTTP_HOST}, even if the connection is HTTPS (as that's just shorthand for "HTTP inside an SSL tunnel").

Related Topic