Apache2 not redirecting to https

Question

I have an ec2 instance with my website files properly installed using apache2 as the web server. The ec2 is configured to receive http traffic on port 80 only from the elb (pretty sure about this but not 100%). The elb has an https listener (port 443) and an http listener (port 80). The elb sends traffic to the ec2 instance after decrypting the data according to the aws docs. My issue is that I cannot figure out how to redirect all traffic to the load balancer that is http to https.

I tried using this rewrite rule in both the virtual host for the site and the apache2.conf, but it isn't having any kind of effect (no errors either).

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI}

The entire virtual host looks like this (located in /etc/apache2/sites-available/SewaneeEats.conf):

ServerName classicloadbalancer-1929710381.us-east-1.elb.amazonaws.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/SewaneeEats/public

<Directory /var/www/html/SewaneeEats>
    RewriteEngine On
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI}
    AllowOverride All
</Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

I can confirm also that module rewrite is enabled.

So when I type in the url sewaneeeats.com (these links are live if you need to check them out), it will still be sewaneeeats.com (with no ssl whatsoever) rather than redirecting. I know the ssl is working on https://www.sewaneeeats.com. On https://sewaneeeats.com I get a broken ssl red symbol in the url bar on chrome. I think the reason it is broken on the https://sewaneeeats.com url is because the cert is registered for www subdomain, but I am not sure. The domain is configured using aws's route 53 console, so I can give info on that if it would be helpful.

Any help would be really appreciated because I have been trying to figure this out for about a 12 hours or so. Would have posted this on serverfault.com, but I couldn't because I can only have 2 links for a question when I am under 10 rep.

where is the sewaneeeats.com to www.sewaneeeats.com redirect in your config? As for the SSL cert, i see you are using one issued by Amazon, you can add aditional domain names to the cert, just add both sewaneeeats.com and www.sewaneeeats.com (you may have to create a new certificate) — at0mzk, Feb 24 '17 at 08:57
@at0mzk the rewrite rules are in the virtual host config file for the site, which is the /etc/apache2/sites-available/SewaneeEats.conf file. I will try adding additional domains to the certificate — dbep, Feb 24 '17 at 13:38
@at0mzk I ended up creating a new certificate that added all subdomains as well as the naked domain. Thanks for this tip! — dbep, Feb 26 '17 at 07:26

mestia · Answer 1 · 2017-02-24T13:58:53.650

-1

I usually use the following rule to redirect all traffic to https:

RewriteCond %{HTTPS} =off
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]

Also, no need to place the rewrite rules between directives if you want to apply the rules globally for the vhost.

edited Feb 24 '17 at 13:58

answered Feb 24 '17 at 13:50

mestia

450
2
7

Thank you for your help, but this did not work. Since I am using elastic load balancer, the load balancer is supposed to set the x-forwarded-proto header when receiving requests through http. Then, in the apache2 conf, I am supposed to be able to rewrite requests (using the above configuration), but that isn't having any effect – dbep Feb 26 '17 at 07:25

Apache2 not redirecting to https

1 Answers1