0

How do I redirect requests coming to https://blog.example.com to https://example.com/blog?

Reading the apache docs on when not to use the rewrite mod, I tried a simple redirect e.g.

Redirect https://blog.example.com https://example.com/blog

But when I visit https://blog.example.com, it doesn't redirect me. Only says error with a certificate. Is there any possibility to redirect HTTPS subdomain? It is working ok with HTTP when I use something like this:

<VirtualHost *:80>
    ServerName blog.example.com
    Redirect / https://example.com/blog/
</VirtualHost>

Conditions like these:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^([^\.]+)\.example\.com$
RewriteRule ^/(.*)$ https://example.com/%1/$1 [R=301,L]

Only work when using HTTP not HTTPS...

Thank you.

Byakugan
  • 141
  • 1
  • 3
  • 12

3 Answers3

1

Your config applies to VirtualHost *:80, in other words to the http port. The port for https is 443. Find that configuration and apply the redirect there, too.

RalfFriedl
  • 3,108
  • 4
  • 13
  • 17
0

I think that you can use mod_alias for that.

In your blog.example.com Virtualhost:

RedirectMatch (.*)$ / https://example.com/blog/$1

https://httpd.apache.org/docs/2.4/mod/mod_alias.html

Almas Dusal
  • 101
  • 2
  • Not working for my setting it does not load with that line in apache. – Byakugan Sep 08 '18 at 14:03
  • I think that you need to install mod_alias before use it. If it's still doesn't work then try Redirect. You can find more information from URL that I wrote in an answer. – Almas Dusal Sep 09 '18 at 15:44
  • 1
    Oh you edited question. I just saw that. Your problem is SSL. Did you really have and set correctly your blog. subdomain SSL? If it doesn't then it's not work. – Almas Dusal Sep 09 '18 at 15:48
0

If the browser flags a certificate error, that will interrupt the transaction before the redirect fires. If you don't use HSTS, you will be able to confirm this by clicking through the error and the redirect will continue as normal. The error itself could come for a number of reasons, and the browser will tell you which applies, but the most likely is that your certificate is only valid for example.com and does not have a SAN entry for blog.example.com (or for the wildcarded *.example.com). To fix this, you can either regenerate the certificate to include this additional name, or you can get an extra certificate and adjust your server config to serve this one for the subdomain - in either case, your chosen certificate provider (CA) should be able to help you.

lvc
  • 111
  • 4
  • It is working when I use blog.example.com but not with HTTPS at the begining even in 443 section so the certificate is valid just not with HTTPS at the begining - well I dont think there will be much cases that people type HTTPS://blog.example.com but there could be some and I want to avoid that. – Byakugan Sep 08 '18 at 14:06
  • @Byakugan The cert is only used and checked if you connect by HTTPS. If it does not include either the domain name you are *currently* connecting to or a wildcard pattern that matches it, the browser will flag an error. The only ways to avoid this are to a) get a certificate that is valid for both domains, or b) get an additional certificate for just the blog subdomain, and configure your server to use it for those connections. If you happen to be using letsencrypt, both of these are easy - eg, `certbot -d example.com -d blog.example.com` for option a (which is probably slightly preferable). – lvc Sep 09 '18 at 06:05