4

I perhaps just need some extra insight because I don't see where I'm going wrong. I used an SSL Cert to secure our nagios server. We want to specifically require all traffic over nagios (like 2 users, lol) to use SSL.

So I thought, oh, mod_rewrite + Rewrite Rule in .htaccess, right?

So I went into the DocumentRoot and did a vi .htaccess (one didn't already exist) and then I put in the following rule;

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://our.server.org/$1 [R,L]

This does absolutely nothing. Does nada.

Whhhyy..

Note: AllowOverride all in httpd.conf is on. Also, I verified that the module is not uncommented out ... but note, I couldn't find the mod_rewrite module installed so I copied it over from another server and placed it in modules/mod_rewrite.so . It was weird because it was enabled in the httpd.conf file, but then didn't exist in modules ...

I'm a baddie :(

Ethabelle
  • 2,052
  • 14
  • 20

2 Answers2

6

Here's my redirecting non-ssl VirtualHost in its entirety:

<VirtualHost *:80>
  ServerAdmin root@example.com
  ServerName www.example.com
  ServerAlias example.com

  RewriteEngine on
  RewriteCond %{HTTPS} !=on
  RewriteRule ^/(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

  LogLevel warn    
  CustomLog /var/log/apache2/access.log vhost_combined
  ErrorLog /var/log/apache2/error.log
</VirtualHost>

This belongs in the Apache config rather than in .htaccess.

The main difference is in our RewriteCond lines, where yours is %{SERVER_PORT} 80 and mine is %{HTTPS} !=on.

bahamat
  • 6,263
  • 24
  • 28
  • Correcting my statement: This works! However, I copy/pasted this into my .htaccess file and it didn't work in there. I'm wondering why my .htaccess file isn't working .. BLAST :( – Ethabelle Jun 28 '12 at 21:31
  • 1
    @Ethabelle The directory context in .htaccess changes the string you're trying to match against - you'd need change `^/(.*)$` in the `RewriteRule` - but any match works, so use `^`. But anyway, yeah, do this in your main config files instead of htaccess if possible. See the apache recommendations on when htaccess files should be used [here](http://httpd.apache.org/docs/current/howto/htaccess.html#when). – Shane Madden Jun 29 '12 at 03:46
1

It's much easier to do the following if you have two different vhost entries setup.

Redirect permanent / https://our.server.org/

In the non-ssl vhost. Don't worry that will cover all uris entered.

Mike
  • 22,310
  • 7
  • 56
  • 79