Fwd: Virtual Host - Port 80 to 443 (Apache Users)

---------- Forwarded message ----------
From: Daniel <dferradal@xxxxxxxxx>
Date: 2016-07-14 12:18 GMT+02:00
Subject: Re: Virtual Host - Port 80 to 443
To: Leon Vergottini <leonv@xxxxxxxxxxxxxxxxx>

It seems correct.

If you have several virtualhosts for different subdomains you should define them on the same fashion as what you just showed.. If this is Apache 2.2.x and you have several virtualhosts not just 1 for 80 and 1 for 443, you should have NameVirtualHost *:80 and NameVirtualHost *:443 (if you are certainly using VirtualHost *:port in all cases.

It really depends on what you want to do, but premise are:

* VirtualHost should always have a port in it along with * or ip

* Each virtualhost should have a servername specifying which host name it is supposed to serve.

* To redirect to SSL a Redirect is enough in the non-SSL virtualhost. (no need for mod_rewrite).

* 2.2.x requires namevirtualhost directive in order to not deliver all requests to first virtualhost that matches the ip:port combination.

2016-07-14 12:11 GMT+02:00 Leon Vergottini <leonv@xxxxxxxxxxxxxxxxx>:

Dear Daniel

Thank you for the quick the reply. It is much appreciated.

If I understand you correctly, then the example below should be correct and will work for all the subdomains as well.

<VirtualHost *:80>
        ServerName subdomain1.domain.ac.za

        Redirect permanent / https://subdomain.domain.ac.za

</VirtualHost>

<VirtualHost *:443>
        ServerName subdomain1.domain.ac.za

        SSLEngine On
        SSLCertificateKeyFile /etc/pki/tls/certs/cnrstone/xxxxxxxxx.key
        SSLCertificateFile /etc/pki/tls/certs/cnrstone/ xxxxxxxxx.crt

        DocumentRoot "/var/www/subdomain.domain.ac.za/public_html"
                <Directory "/var/www/subdomain.domain.ac.za/public_html">
                Options Indexes FollowSymLinks MultiViews
         # AllowOverride controls what directives may be placed in .htaccess files.
                        AllowOverride All
        # Controls who can get stuff from this server file
                        Order allow,deny
                        Allow from all
           </Directory>
        <IfModule mpm_peruser_module>
                ServerEnvironment apache apache
        </IfModule>
</VirtualHost>

Kind Regards
Leon

From: Daniel <dferradal@xxxxxxxxx>
Reply-To: <users@xxxxxxxxxxxxxxxx>
Date: Thursday, 14 July 2016 at 11:40 AM
To: "<users@xxxxxxxxxxxxxxxx>" <users@xxxxxxxxxxxxxxxx>
Subject: Re: Virtual Host - Port 80 to 443

<VirtualHost *> is totally invalid. Use *:80 or *:443 or ip:port but never "*" alone.

Also if you define *:80 and there you want to redirect to the SSL virtualhost by all means use the http scheme in the redirect directive like:
Redirect permanent / https://subdomain.domain.ac.za/

2016-07-14 11:31 GMT+02:00 Leon Vergottini <leonv@xxxxxxxxxxxxxxxxx>:
Dear Community

I hope you are doing well today.

May I kindly ask your assistance since HTTPD is not my strong point? I have several virtual host conf files that have the structure below. I am now trying to change them so that incoming visitors from port 80 are being redirected to port 443:

<VirtualHost *>
            ServerName subdomain.domain.ac.za
            DocumentRoot "/var/www/ subdomain.domain.ac.za/public_html"
                    <Directory "/var/www/subdomain.domain.ac.za/public_html">
                    Options Indexes FollowSymLinks MultiViews
             # AllowOverride controls what directives may be placed in .htaccess files.
                            AllowOverride All
            # Controls who can get stuff from this server file
                            Order allow,deny
                            Allow from all
               </Directory>
            <IfModule mpm_peruser_module>
                    ServerEnvironment apache apache
            </IfModule>
    </VirtualHost>

    If a change it to this structure below to redirect the traffic from port 80 to 443, I am getting the error message that connection is not private and if I continue I am getting the default Apache page instead of the intended site’s home page.

    <VirtualHost *>
            ServerName subdomain.domain,ac,za

            SSLEngine On
            SSLCertificateKeyFile /etc/pki/tls/certs/cnrstone/xxxxxx.key
            SSLCertificateFile /etc/pki/tls/certs/cnrstone/ xxxxxx.crt

            RewriteEngine On
            RewriteCond %{HTTPS} off
            RewriteRule (.*) https://%{SERVER_NAME} [R,L]

            DocumentRoot "/var/www/ subdomain.domain.ac.za/public_html"
                    <Directory "/var/www/ subdomain.domain.ac.za/public_html">
                    Options Indexes FollowSymLinks MultiViews
             # AllowOverride controls what directives may be placed in .htaccess files.
                            AllowOverride All
            # Controls who can get stuff from this server file
                            Order allow,deny
                            Allow from all
               </Directory>
            <IfModule mpm_peruser_module>
                    ServerEnvironment apache apache
            </IfModule>
    </VirtualHost>

    If I change it to this structure below, the page is presented when using the url https://subdomain.domain.ac.za/ but not http://subdomain.domain.ac.za/

    <VirtualHost *:443>
            ServerName subdomain.domain.ac.za

            SSLEngine On
            SSLCertificateKeyFile /etc/pki/tls/certs/cnrstone/ xxxxxx.key
            SSLCertificateFile /etc/pki/tls/certs/cnrstone/ xxxxxx.crt

            DocumentRoot "/var/www/ subdomain.domain.ac.za/public_html"
                    <Directory "/var/www/ subdomain.domain.ac.za/public_html">
                    Options Indexes FollowSymLinks MultiViews
             # AllowOverride controls what directives may be placed in .htaccess files.
                            AllowOverride All
            # Controls who can get stuff from this server file
                            Order allow,deny
                            Allow from all
               </Directory>
            <IfModule mpm_peruser_module>
                    ServerEnvironment apache apache
            </IfModule>
    </VirtualHost>

Last virhost structure that I tried is similar to the one below. When applying these changes to other virtual hosts files, I am not re-directed to the right site, i.e. url https://subdomain1.domain.ac.za gets redirected to https://subdomain.domain.ac.za.

<VirtualHost *:80>
   ServerName subdomain.domain.ac.za
   DocumentRoot "/var/www/subdomain.cornerstone.ac.za/public_html"
   Redirect permanent / subdomain.domain.ac.za
</VirtualHost>

<VirtualHost _default_:443>
   ServerName subdomain.domain.ac.za

            SSLEngine On
            SSLCertificateKeyFile /etc/pki/tls/certs/cnrstone/ xxxxxx.key
            SSLCertificateFile /etc/pki/tls/certs/cnrstone/ xxxxxx.crt

            DocumentRoot "/var/www/subdomain.domain.ac.za/public_html"
                    <Directory "/var/www/ subdomain.domain.ac.za/public_html">
                    Options Indexes FollowSymLinks MultiViews
             # AllowOverride controls what directives may be placed in .htaccess files.
                            AllowOverride All
            # Controls who can get stuff from this server file
                            Order allow,deny
                            Allow from all
               </Directory>
            <IfModule mpm_peruser_module>
                    ServerEnvironment apache apache
            </IfModule></VirtualHost>

In addition, I have received serveral .crt files for a wild card certificate issues by Comodo. Do I have to include them all and how will a go about doing so, if I have to?

Thank you in advance.

Kind Regards
Leon

--
Daniel Ferradal
IT Specialist

email dferradal at gmail.com
linkedin es.linkedin.com/in/danielferradal

Daniel Ferradal

IT Specialist

email dferradal at gmail.com

linkedin es.linkedin.com/in/danielferradal

Daniel Ferradal

IT Specialist

email dferradal at gmail.com

linkedin es.linkedin.com/in/danielferradal