Re: redirect port from 80 to 443

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Just a personal opinion: mod_rewrite is perfectly fine as long as you know it well, and any Apache admin will have to learn and use it eventually. If you can accomplish your task with one powerful module you already know, learning "simpler" modules and enabling them on your server is both silly and dangerous.

"When not to use mod_rewrite" page was probably written by people frustrated with too many examples of incorrect mod_rewrite configurations in this forum. It makes sense _for them_ to point people to easier to use modules, not necessarily for you to use them.

--
With Best Regards,
Marat Khalili

On 19/02/17 00:33, Spork Schivago wrote:

Sorry to butt in here. I've been following this post with some interest. I wanted to accomplish the same thing the original OP wanted to accomplish, redirect all traffic to the secure version of my site. I went to the internet and found directions on how to do this using mod_rewrite rules. Now that I know I should be using redirect instead, I had some questions. Should I start my own topic or just ask in this one? What's generally considered best practice in a situation like this, where my question revolves around the original ops question?

Thanks!


On Sat, Feb 18, 2017 at 3:02 PM, Dr James Smith <js5@xxxxxxxxxxxx> wrote:

As I only run HTTPS - I have the following on port 80 - (this can't be done with redirect)

<VirtualHost *:80>

...
...
...

RewriteEngine on
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=permanent,L,NE]
</VirtualHost>

So I only have one port 80 configuration - even tho' I'm running something like 30 sub-domains on one machine and 70 sub-domains on the other...

{There is some other stuff associated with this - and I've got HTST headers set - and preloaded where I can - so most browsers won't hit the port 80 anyway!}




On 18/02/2017 19:00, Daniel wrote:

Yes please, let's stay away of convoluted and most times innecessary mod_rewrite examples to do simpleton configurations.


If you are in virtualhost 80, you have specified servername correctly and you just want to redirect to ssl, why not a single Redirect statement?


As Yann's refered document says:

Redirect / https://something.example.com/


Most people here knows this but there are gazillions web pages refering to bad advice, duck and tape solutions and convolued ways of using mod_rewrite for a simple redirection when placed in proper context, we need to finish with that trend, and the best way is to give simple, straight to the point examples "first".


The mod_rewrite example given,lets slice it out:

> RewriteCond %{HTTP_HOST} =www.example.com
> RewriteCond %{SERVER_PORT} =80
> RewriteRule ^(.*)$ https://www.example.com/$1 [R]


This clearly assumes it is a generic recipe in a .htaccess somewhere which can be read from a non-SSL virtualhost or non-SSL virtualhost (just to be ignored).


1º It checks the host name, but why? if you have defined a VirtualHost with that servername and there are no conflicts the request is already landing there.

2º It checks for port 80. But we are redirecting to SSL, so we are already on port 80, why check it?

3º Can be replaced with a Redirect as mentioned above.


So instead of giving out recipes for .htaccess thought out for an aging era or shared virtualhosting, lets recommend the ideal virtualhost context recipe first as Yann proposed earlier:


Define the virtualhost with the names you serve.

<VirtualHost *:80>

ServerName something.example.com

Redirect / https://something.example.com/

</VirtualHost>


There is no guessing here, no unnecessary directives and it's hard to miss or confuse with other directives and the context where it resides is crystal clear.


Later on, when things need to be complicated, then I guess we can use "If" or "mod_rewrite", and recommend it as needed.



2017-02-18 19:38 GMT+01:00 Richard <lists-apache@xxxxxxxxxxxxxxxxxxxxx>:



> Date: Saturday, February 18, 2017 11:04:34 -0700
> From: James Moe <jimoe@xxxxxxxxxxxxxx>
>
> On 02/18/2017 05:08 AM, Rodrigo Cunha wrote:
>> i want redirect all request from port 80 to 443.
>> what is better setting for fix this?
>>
> Better than what?
> Fix? Is it broken?
>
> RewriteCond %{HTTP_HOST} =www.example.com
> RewriteCond %{SERVER_PORT} =80
> RewriteRule ^(.*)$ https://www.example.com/$1 [R]

Perhaps, better than using a "rewrite"? See the documentation
reference, given in an earlier post:

<https://httpd.apache.org/docs/2.4/rewrite/avoid.html#redirect>;

that has this as a specific example of when/why to use a "redirect"
rather than a "rewrite".




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




--

Daniel Ferradal

IT Specialist


email dferradal at gmail.com

linkedin es.linkedin.com/in/danielferradal



-- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE.




--

С уважением,
Марат Халили (Российский Квантовый Центр)
+7 926 950 0804
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux