Apache, vhost, redirection, https, ssl issues

apache-2.2httpsmod-rewritevirtualhost

Issues:

https://www.example.com -> should redirect to http://www.example.com, doesn't, gives Error code: ssl_error_rx_record_too_long without redirection, error_log: "[error] [client 127.0.1.3] Invalid method in request \x16\x03\x01
https://www.example.com/fundprocess.html -> should redirect https://example.com/fundprocess.html, gives Error code: ssl_error_rx_record_too_long without redirection, error_log: "[error] [client 127.0.1.3] Invalid method in request \x16\x03\x01"
https://example.com -> Should Redirect to http://www.example.com, doesn't
http://example.com/ -> Should redirect to http://www.example.com, doesn't
http://example.com/fundprocess.html should redirect to https://example.com/fundprocess.html, doesn't

No entries in rewrite log against these errors.

vhost Configuration

<VirtualHost 127.0.1.3:80>
ServerAdmin webmaster@example.com
ServerName www.example.com

DocumentRoot /var/www/html
<Directory /var/www/html>
    Options Indexes FollowSymLinks
    AllowOverride All


    Order allow,deny
    Allow from all
</Directory>


Redirect permanent /fundprocess.html https://example.com/fundprocess.html
Redirect permanent /fund_process.php https://example.com/fund_process.php

ErrorLog /var/log/apache2/example.com-error_log
TransferLog /var/log/apache2/example.com-access_log
LogLevel warn

RewriteLog /var/log/apache2/example.com-rewrite_log
RewriteLogLevel 9



</VirtualHost>


<VirtualHost 127.0.1.2:80>
ServerAdmin webmaster@example.com
ServerName example.com
DocumentRoot /var/www/html

    RewriteCond %{REQUEST_URI} !fundprocess.html [NC]
    RewriteCond %{REQUEST_URI} !fund_process.php [NC]
    RewriteRule (.*) http://www.example.com/$1 [R=301,L]

    RewriteCond %{REQUEST_URI} fundprocess.html [NC]
    RewriteCond %{REQUEST_URI} fund_process.php [NC]
    RewriteRule (.*) https://example.com/$1 [R=301,L]



</VirtualHost>



<VirtualHost 127.0.1.3:443>
ServerAdmin webmaster@example.com
ServerName www.example.com
DocumentRoot /var/www/html

    RewriteCond %{REQUEST_URI} !fundprocess.html [NC]
    RewriteCond %{REQUEST_URI} !fund_process.php [NC]
    RewriteRule (.*) http://www.example.com/$1 [R=301,L]

    RewriteCond %{REQUEST_URI} fundprocess.html [NC]
    RewriteCond %{REQUEST_URI} fund_process.php [NC]
    RewriteRule (.*) https://example.com/$1 [R=301,L]


</VirtualHost>



<VirtualHost 127.0.1.2:443>
ServerAdmin webmaster@example.com
ServerName example.com


DocumentRoot /var/www/html
<Directory /var/www/html>

    Options Indexes FollowSymLinks
    AllowOverride All


    Order allow,deny
    Allow from all

 </Directory>


RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !fundprocess.html [NC]
RewriteCond %{REQUEST_URI} !fund_process.php [NC]
RewriteRule (.*) http://www.example.com/$1 [R=301,L]

ErrorLog /var/log/apache2/example.com-ssl-error_log
TransferLog /var/log/apache2/example.com-ssl-access_log
LogLevel warn

RewriteLog /var/log/apache2/example.com-rewrite_log
RewriteLogLevel 9


SSLEngine On
SSLCertificateFile /etc/certs/example.crt
SSLCertificateKeyFile /etc/certs/example.key


SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

</VirtualHost>

Best Answer

This isn't a problem with the redirect, it's a problem with the SSL (the request has to be decrypted before the redirect will take place).

Do you have Listen 443 anywhere in your Apache config? Stick it in if you don't, near the Listen 80 part. Are you running any other SSL websites on this server? Make sure they're not using the same IP address. Finally, if you do have an SSL certificate that works elsewhere, try using it for this site - it will give a warning in the browser but if you accept the warning it should redirect - then you know the problem is your SSL cert.

Related Solutions

Tomcat – Apache2 – mod_expire and mod_rewrite not working in httpd.conf – serving content from tomcat

Probably the ProxyPass / directive you have in your config routes all requests to the Tomcat backend, bypassing all your mod_rewrite directives. You can try to remove the ProxyPass directive and use RewriteRule with the [P] flag after your other rewrites:

mod_rewrite: P|proxy

For the expire headers the situation is worse — in another similar question a solution was not found.

Option +FollowSymLinks would be needed for using mod_rewrite in .htaccess files; in your case it is not required, because you can put everything in the Apache config. Moving rules from config to .htaccess is pointless and can only make things slower. However, there is an important difference between .htaccess and the Apache config — in .htaccess patterns in RewriteRule are matched against relative filesystem paths (which never start with /), while in the VirtualHost context these patterns are matched against the URL path after the hostname, which always starts with /. Therefore at least one of your rules is incorrect:

RewriteRule ^content/(js|css)/([a-z]+)-([0-9]+)\.(js|css)$ /content/$1/$2.$4

should be

RewriteRule ^/content/(js|css)/([a-z]+)-([0-9]+)\.(js|css)$ /content/$1/$2.$4

(note the additional slash in the beginning).

Ssl – Apache VirtualHost, multiple sites. 1 ssl with redirect and 1 regular http

If you have NameVirtualHost on, you have to use the IP. NameVirtualHost is needed if you are running SSL, or running VirtualHosts on different IP addresses.

<VirtualHost 172.16.4.1:80>
     DocumentRoot /var/www/html/secure
     ServerName secure.com
     Redirect / https://secure.com
</VirtualHost>

<VirtualHost 17.16.4.1:80>
    DocumentRoot /var/www/html/notsecure
    ServerName notsecure.com
</VirtualHost>

Best Answer

Related Solutions

Tomcat – Apache2 – mod_expire and mod_rewrite not working in httpd.conf – serving content from tomcat

Ssl – Apache VirtualHost, multiple sites. 1 ssl with redirect and 1 regular http

Related Topic