Setup redirects with Modsec

apache-2.4mod-security

The web servers I managed are all running Apache 2.4 with Modsec. Is it possible to write a rule that will serve up a different page if matched by Modsec? I want this to be independent of the domain.

For example, if domain1.com/login or domain2.com/login redirect to domain3.com.

Best Answer

Yes you can, use the redirect action.

For example:

SecRule REQUEST_URI "/login" "phase:1,id:52,status:302,redirect:https://domain3.com

Though if doing a straight redirect like above you’d be better doing this in Apache.

Related Solutions

How to specify FastCGI parameters with Apache mod_proxy_fcgi

Starting from Apache 2.4.26 you can use ProxyFCGISetEnvIf in the virtual host:

ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/home/user1:/tmp"

Same server, different Apache virtual hosts, redirection does not work for one of them

For what I can see, you are making a double redirect, by using a redirect + rewrite. It shouldn't be necessary to do it (and as you didn't post all the apache config files, including the ones on /etc/apache2/conf.d and sites-enabled or equivalent), you might also have a missing setting or something overwriting it regarding the SSL settings.

Try something like this for ex. domain1.tld.conf

<VirtualHost *:80>
        ServerName domain1.tld
        Redirect permanent / https://www.domain1.tld
</VirtualHost>

<VirtualHost *:80>
        ServerName www.domain1.tld
        Redirect permanent / https://www.domain1.tld
</VirtualHost>

OR, you could even simplify it to a single VirtualHost and single file for testing using an Alias:

<VirtualHost *:80>
        ServerName domain1.tld
        ServerAlias www.domain1.tld
        Redirect permanent / https://www.domain1.tld
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName www.domain1.tld


    ....

    SSLEngine On
    SSLCertificateFile /etc/letsencrypt/live/www.domain1.tld/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/www.domain1.tld/privkey.pem

    ...

</VirtualHost>
</IfModule>

Of course, for this to work, you must have a working HTTPS VirtualHost too, with a valid SSL certificate and the SSL and Headers modules enabled in Apache (a2enmod ssl, a2enmod headers). You should probably check this connecting directly to the HTTPS versions of the sites. If the HTTPS version is not working correctly, the redirects will fail.

Regarding your updated questions about the redirects still working after removing the configuration for the plain VirtualHost in port 80, you are probably suffering from a cache of your web browser or something like that. If you want to try the HTTPS site, and not the redirects, simply fill the URL with the whole protocol and subdomain https://www.domain1.tld, you can also use another browser (or private windows) to accomplish the cache override.

And you should always check the /var/log/apache2 log files, the access.log and error.log will be helpful in debugging the issues.

Best Answer

Related Solutions

How to specify FastCGI parameters with Apache mod_proxy_fcgi

Same server, different Apache virtual hosts, redirection does not work for one of them

Related Topic