0

Using Apache 2.4 on OS X Yosemite. Need to modify this virtual host for it to redirect http://server.kibana and http://www.server.kibana to https://server.kibana

Here is the Vhost:

<VirtualHost *:8443>
    ServerName www.server.kibana
    ServerAlias server.kibana
    ServerAdmin [email protected]
    # RedirectPermanent http://server.kibana https://server.kibana
    # DocumentRoot /usr/local/var/www/kibana-4.0.2-darwin-x64/src/public
    SSLEngine on
    SSLCertificateFile "/usr/local/etc/apache2/2.4/ssl-keys/server.crt"
    SSLCertificateKeyFile "/usr/local/etc/apache2/2.4/ssl-keys/server.key"
    #
    # Proxy
    #
    ProxyRequests Off
    <Proxy *>
        Order Allow,Deny
        Allow from all
        AuthType Basic
        AuthName "Authenticated proxy"
        AuthUserFile /usr/local/etc/apache2/2.4/elastic.htpwd
        Require valid-user
    </Proxy>
    ProxyPass / http://127.0.0.1:5601
    ProxyPassReverse / http://127.0.0.1:5601
    RewriteEngine on
    RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
    RewriteRule .* http://127.0.0.1:5601%{REQUEST_URI} [P,QSA]
    ErrorLog /usr/local/var/log/apache2/kibana_error.log
    LogLevel warn
    CustomLog /usr/local/var/log/apache2/kibana_access.log combined
</VirtualHost>

Any suggestions on what to add or how to modify the RewriteRule and RewriteCond? Thanks!

2 Answers

0

You can use this, and rewrite to the domain your certificate was issued to:

RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*) https://www.example.com$1 [R=301,L]

Or use this include file where you want to enforce SSL, while enabling HTTP access to parts of the server.

# Script to require SSL

<If "%{HTTPS} == 'on'">
    SSLOptions +StrictRequire
    SSLRequireSSL
</If>
<Else>
    RedirectMatch permanent ^/?(.*) https://www.example.com/$1
</Else>

You could use %{SERVER_NAME} instead of www.example.com. This works well with a normal certificate.

RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R=301,L]

The variable %{HTTP_HOST} contains the hostname from the request and could be used instead of www.example.com. However, this may not be a hostname that matches the certificate. It does work with multi-domain certificates.

RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*) https://%{HTTP_HOST}$1 [R=301,L]

Adding UseCanonicalName dns to your configuration will provide the SERVER_NAME from DNS. However, you need to ensure DNS provides the desired domain. If you get this working, you may be able to use the same configuration for all servers. Alternatively, you can include a small server-specific file to provide the server name.

You do need to listen on different ports for HTTP and HTTPS. Test each before you enable rewriting. This is a minimal configuration for a site that listens on both HTTP and HTTPS and redirects all requests to HTTPS. The redirect will need a port if non-standard ports are used. This configuration relies on directory access being configured outside the virtual host definition.

<VirtualHost *:80 *:443>
    ServerAdmin [email protected]
    DocumentRoot /var/www/
    ServerName  www.example.com
    ServerAlias example.com

    SSLEngine On
    SSLCipherSuite HIGH:MEDIUM
    SSLCertificateFile      /etc/ssl/certs/www.example.com-cert.pem
    SSLCertificateKeyFile   /etc/ssl/private/www.example.com-key.pem
    SSLCACertificatePath    /etc/ssl/certs/

    RewriteEngine On
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R=301,L]

</VirtualHost>
  • I've added RewriteCond %{HTTPS} !=on [NC] RewriteRule ^/(.*) https://127.0.0.1:5601/$1 [R=301,L] and it doesn't work. It still redirects me to the "It's working" Apache default page ((( and how to try the file?
    – drew1kun
    Commented Jun 19, 2015 at 4:33
  • So the only working solution in my case is the script you wrote. It works (after I cleared the browser cache, but the other solution doesn't((( ) Just let's say I have two different hosts and I want to make this script more universal (working for both hosts), how should I change https://www.example.com/$1? Is there any variable like %{REQUEST_URI} or something else? Or should I create for each virtual host its own script? It doesn't seem a good idea though(((
    – drew1kun
    Commented Jun 19, 2015 at 5:46
  • @Andrew The first option works for me, but I use the desired hostname, not an IP address. I've edited the response to work when no path is provided. I've updated the response to provide options for setting the hostname.
    – BillThor
    Commented Jun 19, 2015 at 11:13
  • Could you please write examples for all three cases? I've tried them all but I'm not sure if I've done this in the right way... I'm always getting the same: 500 Internal Server Error
    – drew1kun
    Commented Jun 19, 2015 at 15:41
  • @Andrew Have you checked the error log? I won't have time to test and update the post until tonight.
    – BillThor
    Commented Jun 19, 2015 at 17:09
0

Try to add this code below "RewriteEngine on" and see if it works.

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://server.kibana/$1 [R=301,L]
  • It does nothing. Why do I actually need to check the port?
    – drew1kun
    Commented Jun 19, 2015 at 4:08
  • Both of the links are HTTP. HTTP accesses port 80 by default, whether it's www or non-www. Traffic that comes from port 80 or via HTTP access should be forwarded to HTTPS (via port 443) with the code above. Did you try to refresh the browser cache before testing it?
    – KenWeiLL
    Commented Jun 19, 2015 at 4:53
  • I've mentioned the HTTPS port in <VirtualHost *:8443>. Shouldn't it be enough? Well, my Apache listens on port 8080 for HTTP and 8443 for HTTPS, but the pf firewall redirects all traffic to port 80 and 443. Which port should I write in the code above?
    – drew1kun
    Commented Jun 19, 2015 at 5:02
  • Well, thanks anyway for the tip to clear the cache. Seems like BillThor's script is the only working solution.
    – drew1kun
    Commented Jun 19, 2015 at 5:34
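
One way to lay out the redirect asked about above, as an added example that is not part of the original question or answers: a plain-HTTP virtual host that only redirects, and a separate HTTPS virtual host that carries the authenticated proxy, so SSLEngine applies to the HTTPS listener alone. It assumes the ports from the asker's comment (Apache on 8080 and 8443, with pf forwarding 80 and 443 to them) and that the matching Listen directives are already in the main configuration.

```apache
# Added example. Assumes "Listen 8080" and "Listen 8443" already exist in
# httpd.conf and that pf forwards external ports 80/443 to 8080/8443.

# Plain-HTTP listener: no SSLEngine and no proxy here, so nothing from
# Kibana is ever served, and no Basic credentials are requested, over HTTP.
<VirtualHost *:8080>
    ServerName server.kibana
    ServerAlias www.server.kibana
    # Fixed target host: the redirect does not reflect the client-supplied
    # Host header and always lands on the name the certificate covers.
    # No port in the URL because pf exposes HTTPS on the standard port 443.
    Redirect permanent / https://server.kibana/
</VirtualHost>

# HTTPS listener: TLS, authentication, then reverse proxy to Kibana.
<VirtualHost *:8443>
    ServerName server.kibana
    ServerAlias www.server.kibana

    SSLEngine on
    SSLCertificateFile "/usr/local/etc/apache2/2.4/ssl-keys/server.crt"
    SSLCertificateKeyFile "/usr/local/etc/apache2/2.4/ssl-keys/server.key"

    ProxyRequests Off
    <Proxy *>
        # Apache 2.4 authorization syntax; Order/Allow are 2.2 directives
        # that need mod_access_compat on 2.4.
        AuthType Basic
        AuthName "Authenticated proxy"
        AuthUserFile /usr/local/etc/apache2/2.4/elastic.htpwd
        Require valid-user
    </Proxy>

    # Trailing slashes match on both sides of each mapping.
    ProxyPass / http://127.0.0.1:5601/
    ProxyPassReverse / http://127.0.0.1:5601/

    ErrorLog /usr/local/var/log/apache2/kibana_error.log
    LogLevel warn
    CustomLog /usr/local/var/log/apache2/kibana_access.log combined
</VirtualHost>
```

Because the redirect is permanent (301), browsers cache it; clear the cache or test with a fresh client when changing the target.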
