Two sites on one VPS non-www redirects to the wrong site

Forum Moderators: phranque

Message Too Old, No Replies

Two sites on one VPS non-www redirects to the wrong site

NickMNS

2:11 am on Mar 10, 2018 (gmt 0)

I have one site running without any issues on vps running on Apache/Ubuntu14.04. I am now trying to add another site. I added added the conf file to the sites-available folder. All works well. If I go to www.original-domain.com, then the website appears as always. If I go to www.new-domain.com then the new site appears... BUT! if I go to new-domain.com (without the www) then the original site appears.

I have set up the VirtualHost to => ServerName www.new-domain.com and ServerAlias new-domain.
If I add a Redirect Permanent / http : //www.new-domain.com then I get an error "Too many redirects".

So I am at a loss.

The original site has a Redirect Permanent going to https, and that works fine. I commented it out but this solved nothing.
I am using mod_wsgi as both sites are python apps.

[edited by: not2easy at 2:32 am (utc) on Mar 10, 2018]
[edit reason] unlinked/readability [/edit]

keyplyr

2:15 am on Mar 10, 2018 (gmt 0)

Is there a way to edit the A record for the newly added domain?

NickMNS

2:21 am on Mar 10, 2018 (gmt 0)

Yes. But I have no idea how it should be edited.

not2easy

2:33 am on Mar 10, 2018 (gmt 0)

Where are you adding this "Redirect Permanent"?

NickMNS

2:46 am on Mar 10, 2018 (gmt 0)

In the <virtualhost> in the conf file

not2easy

2:57 am on Mar 10, 2018 (gmt 0)

I'm off to look that up because it does not seem that the httpd.conf file is the place for redirects and the syntax is what you would use with mod_alias (in .htaccess). Possibly the new domain inherits original-domain settings?

NickMNS

3:11 am on Mar 10, 2018 (gmt 0)

I'm not using httpd.conf, I am using sites-available and sites-enabled that is used on Apache on Ubuntu. So each site gets its own configuration file.

After some closer research this appears to be an issue with mod_wsgi and python.

Here is an excerpt from a blog post Graham Dumpleton the creator of mod_wsgi:

The ServerName directive specified within the VirtualHost gives the primary host name by which the site is identified. If the same site can be accessed by other names, the ServerAlias directive can be used to list them explicitly, or by using a wildcard pattern.

What is not obvious however is if there are any host names by which the server IP is addressable and they are not covered by a ServerName or ServerAlias directive, rather than Apache giving an error, it will route the request to the first VirtualHost definition it found when it read its configuration.

here is the link to the post:
[blog.dscpl.com.au...]

The second paragraph must apply to my situation but I am not seeing how. For both sites I have www. non-www both explicitly mapped out. So why would the non-www cause a problem?

not2easy

3:16 am on Mar 10, 2018 (gmt 0)

My mistake, I had thought you were using Apache's httpd.conf file.

I'll just wander off.

NickMNS

3:32 am on Mar 10, 2018 (gmt 0)

Yes this appears to be the issue.

There is a redirect in my original sites Virtualhost that redirects to https. If I comment it out it solves the problem. But now if you go to httq://original-domain it exposes the folders to the public (not good!). So we found the problem, thanks! But now I need to find a solution.

If I understand the link you shared:
This (what I have used)

Redirect Permanent / https://www.original-domain.com

translates to, any request to the any root domain will be redirected to the https: site.
so I should be able to be explicit:


Redirect Permanent http://www.original-domain.com https://www.original-domain.com
Redirect Permanent http://original-domain.com https://www.original-domain.com

and that should solve my issue?

NickMNS

3:35 am on Mar 10, 2018 (gmt 0)

@not2easy did you edit your post or am I going crazy?

not2easy

4:33 am on Mar 10, 2018 (gmt 0)

I edited my post because when I read your latest post, mine made no sense. The link and the quote were from Apache's documentation for httpd.conf so when I read that you are not using Apache's httpd.conf file, it seemed it would be irrelevant. The link I had posted was to Apache's mod_alias documentation: [httpd.apache.org...] as it relates to http.conf settings. If it helps you see how Apache might be processing your settings, that's good.

I had posted their Note:

Redirect directives take precedence over Alias and ScriptAlias directives, irrespective of their ordering in the configuration file. Redirect directives inside a Location take precedence over Redirect and Alias directives with an URL-path.

which to me explained why the server's alias setting might be over-riding the Redirect Permanent settings.

NickMNS

4:40 am on Mar 10, 2018 (gmt 0)

As I explained above this is the case, I tested it. If I make the redirect restrictive it solves the issue. I was able to restrict it to the www version or to the non-www version. My question is how do I write the redirect to be explicit to that one domain and cover both versions?

I am looking at using mod_rewrite, but most of the examples I see are broadly formulated to redirect any http to https.

not2easy

5:03 am on Mar 10, 2018 (gmt 0)

I don't know if that can be done using a single configuration file - maybe in <Location> settings?

There is a known problem of using both mod_rewrite with mod_alias in settings. Try to avoid the redirect format you listed above if you want rewrites using mod_rewrite to function as expected.

My experience with rewrites is based mostly in htaccess files though. If you're patient, someone can give you better help in using configuration files rather than htaccess for each domain. I can't help much there.

NickMNS

5:09 am on Mar 10, 2018 (gmt 0)

You have helped more than you think, thank you. I think you've set me on the right track.

keyplyr

5:17 am on Mar 10, 2018 (gmt 0)

There is a known problem of using both mod_rewrite with mod_alias

I'll confirm that.

not2easy

5:19 am on Mar 10, 2018 (gmt 0)

The documentation for Apache's mod_rewrite is here: [httpd.apache.org...]

NickMNS

5:35 am on Mar 10, 2018 (gmt 0)

I think I found a solution, it provides the desired result.

After reading through this:
[devdocs.io...]

I use two if's like this:


<If "%{HTTP_HOST} == 'www.example.com'">
  Redirect permanent "/" "https://www.example.com/"
</If>
<If "%{HTTP_HOST} == "example.com'">
  Redirect permanent "/" "https://www.example.com/"
</If>

This avoids using mod-rewrite and is explicit. This could probably be written as a single IF with an OR but I'm not sure about the syntax.

phranque

7:03 am on Mar 10, 2018 (gmt 0)

There is a redirect in my original sites Virtualhost that redirects to https. If I comment it out it solves the problem. But now if you go to httq://original-domain it exposes the folders to the public (not good!).

where is the <VirtualHost> container for hostname original-domain listening to Port 80?

There is a known problem of using both mod_rewrite with mod_alias in settings.

this is probably what keyplyer was looking for:
When not to use mod_rewrite [httpd.apache.org]

when there are Redirect and RewriteRule directives in the same scope, the RewriteRule directives will run first, regardless of the order of appearance in the configuration file.

this means if you are using mod_rewrite anywhere (e.g. doing an internal rewrite) you should probably be using mod_rewrite everywhere (i.e. external redirects)

i would suggest using something like this:

RewriteCond {HTTP_HOST} !^(www\.example\.com)?$ [NC,OR]
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://www.example.com/$1 [L,R=301]

lucy24

7:47 am on Mar 10, 2018 (gmt 0)

Why are you doing any of this with mod_alias? That's not ordinarily how one deals with canonicalization redirects. Save mod_alias for its official job, aliasing--which you can now do to your heart's content, since it's your own server.

i would suggest using something like this:

And if you're feeling really brave, leave off the anchors in the pattern. By default, regular expressions start as soon as they can and continue as long as they can. But do watch out for leading slashes in the capture if the RewriteRules are lying loose in your <VirtualHost> envelope, as opposed to in a <Directory> section. You don't want to end up with two slashes.

NickMNS

4:47 pm on Mar 10, 2018 (gmt 0)

where is the <VirtualHost> container for hostname original-domain listening to Port 80?

Yes port 80.

i would suggest using something like this:

The goal of the rewrite was to be specific to one domain, your suggestion of

 !^(www\.example\.com)?$

is general. That is anything that isn't "www.example.com" will be redirected. In most situation this works but in my specific case, because of mod_wsgi, requesting www.example2.com will be redirected to httqs//:www.example.com.

Why are you doing any of this with mod_alias?

I'm not actually using mod_alias explicitly. The issue I am having is explained in my post @ts(3:11am). Essentially this is all because I'm using mod_wsgi.

not2easy

5:41 pm on Mar 10, 2018 (gmt 0)

The "Redirect Permanent" indicates that you are using mod_alias. The use of the mod_wsgi to interface between Apache and Python acts as an enabler but the configuration directives are passed back to Apache and it applies them as mod_alias directives. Redirect Permanent is not specific to mod_wsgi but it is specific to mod_alias.

I did read 'some' of the information at the mod_wsgi [modwsgi.readthedocs.io]site to see how mod_wsgi might have an effect. From the devdocs [devdocs.io] site where it shows the Redirect Method, they also offer this:

For sites running on a port other than 80:

RewriteCond "%{HTTP_HOST}" "!^www\.example\.com" [NC]
RewriteCond "%{HTTP_HOST}" "!^$"
RewriteCond "%{SERVER_PORT}" "!^80$"
RewriteRule "^/?(.*)" "http://www.example.com:%{SERVER_PORT}/$1" [L,R,NE]

And for a site running on port 80

RewriteCond "%{HTTP_HOST}" "!^www\.example\.com" [NC]
RewriteCond "%{HTTP_HOST}" "!^$"
RewriteRule "^/?(.*)" "http://www.example.com/$1" [L,R,NE]

If you wanted to do this generically for all domain names - that is, if you want to redirect example.com to www.example.com for all possible values of example.com, you could use the following recipe:

RewriteCond "%{HTTP_HOST}" "!^www\." [NC]
RewriteCond "%{HTTP_HOST}" "!^$"
RewriteRule "^/?(.*)" "http://www.%{HTTP_HOST}/$1" [L,R,NE]

These rulesets will work either in your main server configuration file, or in a .htaccess file placed in the DocumentRoot of the server.

NickMNS

6:19 pm on Mar 10, 2018 (gmt 0)

@not2easy
The devdocs page you and I both linked to states this:

Solution:
The very best way to solve this doesn't involve mod_rewrite at all, but rather uses the Redirect directive placed in a virtual host for the non-canonical hostname(s).

By using the <If> commands (as per the two examples above the ones you quoted) I was able to achieve my goal using Redirect. So is there a reason why I should be using mod_rewrite instead?

not2easy

6:57 pm on Mar 10, 2018 (gmt 0)

Only because mod_alias can be unwieldy as a site grows and develops. The directives process before others and can have unintended results. For myself, I prefer to stick with mod_rewrite for predictable behavior going forward.

It just looks like the 3 lines of code for use with mod_rewrite are simpler than the <VirtualHost> container and IF conditions used. I always try to find the simplest path to get a task handled when there are multiple ways to deal with it. If I had not seen so many questions in this forum that turn out to have mod_alias as their cause I'd not bother to look this up. Just offering an alternative.

NickMNS

7:36 pm on Mar 10, 2018 (gmt 0)

I understand what you are saying and all makes for a plain vanilla set up. But in my case I'm using Python/mod_wsgi.

can be unwieldy as a site grows and develops.

In my case the growth or not of the site will change nothing from apache's perspective as the site is all managed by python then nicely wrapped in mod_wsgi. Everything is handled there, static files, images everything. Apache gets a request and sends it through to python, python then returns a response back and its off the the user, (Greatly over simplified of course). Most if not all redirects will be handled by python except for the highest level stuff, such as http to https and non-www to www. To do things differently will be total chaos as there would be no way to know what is handled were or by what.