Rewrite out of ink.

Forum Moderators: phranque

Message Too Old, No Replies

Rewrite out of ink.

Rewrite is not working - Obvisouly I am out if ink

Mr_MD

3:28 pm on May 18, 2010 (gmt 0)

I have a vhost running on ports 80 and 81. I am sitting behind a load balancer that has the ssl certs and subsequently handles port 443 traffic. HTTP and HTTPS traffic are passed as HTTP on separate ports only back to Apache.

In the following example I am trying to always force page2.htm to port 81 (SSL) and all other pages to port 80 (http) but this isn't happening obviously.

What should be a simple rewrite is not working - input is appreciated.

<VirtualHost *:80>
RewriteEngine On
RewriteCond %{SERVER_PORT} !=80
RewriteCond %{REQUEST_URI} ^page2\.htm$
RewriteRule ^(page2)\.htm$ https://www.example.com/$1.htm [R=301,L]
</VirtualHost>

<VirtualHost *:81>
RewriteEngine On
RewriteCond %{REQUEST_URI} !^page2\.htm$
RewriteRule /(.+)$ http://www.example.com/$1 [R=301,L]
</VirtualHost>

[edited by: jdMorgan at 5:57 pm (utc) on May 18, 2010]
[edit reason] example.com [/edit]

jdMorgan

5:54 pm on May 18, 2010 (gmt 0)

Note that in .htaccess files or within <Directory> containers in config files, the URL-path examined by RewriteRule *does not* contain a leading slash -- the path to "this directory" is stripped before mod_rewrite 'sees it.'

However, your code is not within a <Directory> container, and is evidently located in a server config file. Therefore, all URL-path patterns should start with a slash.

Note that the second rewritecond in the first rule is redundant, since it is a specific positive-match pattern just like that in the rule.

Also, the <VirtualHost> containers provide all the 'logic' needed to decide which port the traffic arrived on, so the RewriteConds examining %{SERVER_PORT} are unnecessary.

The tweaked version would look like this:


# Non-SSL vHost configuration
<VirtualHost *:80>
#
# Enable mod_rewrite rewriting engine
RewriteEngine on
#
# Redirect non-SSL /page2.html requests to port 81 (SSL)
RewriteRule ^/page2\.htm$ https://www.example.com/page2.htm [R=301,L]
</VirtualHost>
#
#
# SSL vHost configuration
<VirtualHost *:81>
#
# Enable mod_rewrite rewriting engine
RewriteEngine on
#
# Redirect SSL requests for all resources other than /page2.htm to port 80 (non-SSL)
RewriteCond %{REQUEST_URI} !^/page2\.htm$
RewriteRule ^/(.+)$ http://www.example.com/$1 [R=301,L]
</VirtualHost>

As implied here, concise and accurate comments are your friend... :)

Now consider this: Do you have 'objects' such as images, css files, or JS files that are shared between SSL and non-SSL pages? If so, then you may need to exclude those objects from HTTP/HTTPS redirection. Otherwise, you may get "Mixed secure/insecure content" warnings in the browser if a page is served with HTTPS but the objects included on that page are served with HTTP. If needed, this exclusion can be done by adding rewriteconds that look at the 'filetype' appended to the requested URL-path, e.g.

 RewriteCond %{REQUEST_URI} !\.(gif|jpe?g|png|ico|css|js)$

If no objects are shared between SSL and non-SSL (and given the configuration implied by your post and your code, they may indeed not be), then this is not a concern.

Jim

Mr_MD

7:05 pm on May 18, 2010 (gmt 0)

Jim,

Thanks for the input - It worked perfectly. You are correct about the comments - I appreciate the guidance and will remember that with future posts.

Mike