1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 12:28 am May 2, 2026

Forum Moderators: phranque

Message Too Old, No Replies

RewriteRule Works on HTTP but not HTTPS?

         

kingster

6:19 pm on Mar 2, 2011 (gmt 0)

10+ Year Member



I've beat my head on this for 3 days now. I'm missing something, and it's likely really dumb.

First, my situation:
I've got a farm of servers, that people have made bookmarks and links to over the years that used [....] We recently made a change to make them use https:// and that was all well and good. In fact, I got a lot of help looking through posts here. Grand. Thanks for the help! :) Now, though, I find that we need to make a redirect to a new location for a couple of files, what used to be /authentication.html and /authorization.html to new location/filename.
Being the kind of guy I am, I think it'll be easy to add in a couple of rewriterules to do the trick. Not so much.

Second, my rewrite stuff. There is no other rewrites occuring anywhere on the server: 

 RewriteEngine On

 RewriteRule ^/authentication.html$ /wsso/authn_fail.html [R]
 RewriteRule ^/authorization.html$ /wsso/authz_fail.html [R]

 RewriteCond %{SERVER_PORT} ^80$ [NC]
 RewriteCond %{REQUEST_URI} ^/GroupsUI(/.*)$ [NC,OR]
 RewriteCond %{REQUEST_URI} ^/GroupsService(/.*)$ [NC,OR]
 RewriteCond %{REQUEST_URI} ^/csm(/.*)$ [NC,OR]
 RewriteCond %{REQUEST_URI} ^/server-status(/.*)$ [NC]
 RewriteRule .* - [NE,L]
 RewriteCond %{SERVER_PORT} !^443$
 RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [NE,R=301]

 RewriteLog /var/log/httpd/rewrite_log
 RewriteLogLevel 3


Third, a description of what happens:
Everything works as expected... For the most part. HTTP-->HTTPS redirects are great, and when a user comes in on HTTP to /authentication.html, they get redirected to [[server]...] (granted, via a COUPLE redirects, but I'm not too worried about that at this point). The problem occurs when a person comes in on HTTPS to [[server]...] they don't get redirected. Heck, the log doesn't even log it, so I'm thinking that mod_rewrite never SEES IT!

Query:
What have I missed? What am I doing wrong? I'm sure it's something simple... Help?

kingster

12:13 am on Mar 3, 2011 (gmt 0)

10+ Year Member



A bit more, in case it wasn't clear (which, looking at my post, it isn't)...

These directives are in their own conf file, called rewrites.conf. This is the very last file called from httpd.conf (long after extras/httpd-ssl.conf).

Both SSL and non-SSL are covering the /var/www file space.

g1smd

1:20 am on Mar 3, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



There's nothing in your code to redirect HTTPS requests to some other place.

Where would you want them redirected?

Your code says to redirect all HTTP requests to HTTPS, apart from four exceptions, which will stay on whatever protocol was requested.

There are no redirects to HTTP at all. Should there be?


The first two redirects listed should have the protocol and domain name specified, and currently produce a 302 redirect. The two rules simplify to one. Additionally, you should add the [L] flag to those rules. 

RewriteRule ^/auth(ori[sz]|entic)ation\.html?$ http://www.example.com/wsso/authz_fail.html [R=301,L]



Have you got all this code in the right "container"?

kingster

1:34 am on Mar 3, 2011 (gmt 0)

10+ Year Member



Thanks for your response.

I guess I was more unclear than I thought, and I apologize. It's the first two RewriteRules that I am having the problem with. They work just fine under http, but appear to not even be evaluated under https. Heck - none of the rules appear to be evaluated under https, and I can live with that, except for those first two.

Why would they NOT be evaluated under https? That's what I am struggling with here, I suppose.

All that said... I did manage to "work around" the issue by removing those lines, and at the top of the file, prior to RewriteEngine on, I just did this: 
redirect 302 /authentication.html /wsso/authn_fail.html
redirect 302 /authorization.html /wsso/authz_fail.html


It feels a bit like giving up, but... It works. If you have some insight as to why the top 2 RewriteRules in my first post aren't working in HTTPS though, I'm certainly interested, because I just can't figure the damned thing out.

[edit] Looks like you updated your post while I was posting this.

Can't use a single rule - I don't think... It's going to two different files authentication --> authn and authorization --> authz. As far as the right "container"? Bah. I have no idea. as I said, these rules are all in one file, called with an include as the last line from httpd.conf.

g1smd

7:57 pm on Mar 3, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I didn't notice the one letter difference in the target of the redirect.

Yes, you'll need two rules, but make sure the syntax is correct.

kingster

8:06 pm on Mar 3, 2011 (gmt 0)

10+ Year Member



thanks g1smd...

Any idea on why rewrites are working on the HTTP side, but not on the HTTPS?

jdMorgan

10:07 pm on Mar 8, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



It is common that hosts will configure the http and https servers to point to different documentroot areas. Check using FTP or ask your host to be sure that there is (or is not) a separate file-storage area fro you https code and files. If so, put the https code into a .htaccess file in the https root directory.

Jim
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 12:28 am May 2, 2026