400 Bad Request Rewriting HTTP to HTTPS not working

Question

I am running an apache 2.4.25 on a Debian-Server. There is a website reachable via:

example.de    and
www.example.de

they should be rewriten via configs and .htaccess to:

https://example.de
https://www.example.de

That does not work.

This lines where added by lets-encrypt into sites-enabled/000-default.conf, the commented lines where added by me to rewrite example.de to www.example.de but it does not work:

RewriteEngine on
# rewrite example.de to www.example.de changed 11.11.2019
#RewriteCond %{HTTP_HOST} ^example\.de$ [NC]
#RewriteRule (.*) https://www.example.de/$1 [R=301,L]
#RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301]
RewriteCond %{SERVER_NAME} =www.example.de
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

SSL-config is written in 000-default-le-ssl.conf:

<IfModule mod_ssl.c>
<VirtualHost *:443>
...
    <Directory /var/www/>
            Options -Indexes +FollowSymLinks
            AllowOverride all
            Order allow,deny
            allow from all
    </Directory>
    # added 01.04.2019 END
    <Directory /var/www/html/>
      Options -Indexes +FollowSymlinks
      AllowOverride All
      Require all granted
      allow from all
    </Directory>
 ...
 SSLEngine on
 Include /etc/letsencrypt/options-ssl-apache.conf
 Header always set Content-Security-Policy upgrade-insecure-requests
 SSLCertificateFile /etc/letsencrypt/live/www.example.de/fullchain.pem
 SSLCertificateKeyFile /etc/letsencrypt/live/www.example.de/privkey.pem

There also is a wordpress.conf with virtual-host-entrys for port 80 and 443 literally containing the parts of default and default-ssl.conf.

The following is written in .htaccess:

# BEGIN WordPress
<IfModule mod_rewrite.c> 
Options +FollowSymLinks
RewriteEngine On
RewriteBase /

# rewrite example.de to www.example.de changed 11.11.2019
#RewriteCond %{HTTP_HOST} !^www\.
#RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301]
#RewriteCond %{SERVER_PORT} !=443
#RewriteRule ^(.*)$ https://www.example.de/$1 [R=301,L]

RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}
RewriteRule îndex\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]
</IfModule>

I took a look at the rewrite-entries in the error log: The rewrite-rules for rewriting to www or https dont appear there (loglevel debug rewrite:trace4).

When it was just a test-server rewriting from http to https worked like charm and now its live and it does not, while using https directly in browser works (the url changed by one character and the condition to rewrite example.de to www.example.de was added). I checked the modules; restarted the server; the servername = www.example.de, the serveralias = example.de;

I found this here on stackoverflow but nothing worked or does not apply to my case: https://stackoverflow.com/questions/17853828/redirecting-http-to-https-with-apache

Serving port 443 over http creates 400 Bad Request Error instead of redirect

Could somebody please help. I do not get it solved. Thanks in advance.

"does not work" - What happens exactly? You say you get a 400 error, but what is the request that generates this response? The directives above that you say were "added by lets-encrypt" - where are these added exactly? Presumably inside a vHost container for port 80? But you would not ordinarily add a mod_rewrite directive in that way - do you have multiple "addon" domains and not all are redirected? "There also is a wordpress.conf" - where/how is this being included? Your `.htaccess` directives are missing `L` flags, which will cause you problems and result in malformed redirects. — MrWhite, Nov 11 '19 at 23:48
entering example.de or www.example.de causes a 400 Bad Request - Speaking plain http to https server port for mobile and desktop-version of the website. The mod_rewrite directive in 000-default.conf is added and the new file 000-default-le-ssl.conf is added by certbot(letsencrypt). As far as I understood it wordpress.conf is used when a request for example.de or www.example.de is used. — Zehke, Nov 12 '19 at 10:54

score 0 · Accepted Answer · answered Nov 13 '19 at 10:32

0

The problem is solved, one of my collegues changed the settings in the SNI, that caused the issue.

answered Nov 13 '19 at 10:32

Zehke

13
4

1

That is only a partial answer. Explain what setting was changed. – John Hanley Nov 18 '19 at 01:26

400 Bad Request Rewriting HTTP to HTTPS not working

1 Answers1