I believe there is something weird when I have rewritten my urls. My website links are forced to use SSL and when I click on any, the browser shows OK for SSL on Chrome (green color on https), safe site or identified certificate on Firefox, and the same OK working SSL on other browsers.
Now the problem starts whenever I rewrite the url using mod_rewrite and shorten the link a red sign shows up on Chrome, not identified on FireFox, and the same issue on other browsers.
I guess the problem is somewhere in the rewrite code or something is missing has to be added!
Update #1
RewriteCond %{REQUEST_URI} ^(/pro)
RewriteRule ^(.*)$ /foo/loop/sps/click/$1 [L]
RewriteCond %{REQUEST_URI} ^/foo/loop/sps/click
RewriteRule foo/loop/sps/click/(pro)(/(.*))?$ $1$2 [R,L]
and of course adding php handler : DirectoryIndex index.php
Update #2
The error I get is the red sign in Chrome for example. That happens when I enter a url shortened using rewrite url mod_rewrite.
SSL issues can be complex and depend on several different variables. The most likely case is that when you rewrite the URL's, you are changing the host name. Let's say you rewrite "https://www.test.com/whatever" to "https://test.com/w". In this case, if the SSL certificate was assigned to "www.test.com", you will get a red sign saying the certificate is valid but does not match the URL.
If that does not help, we would need more details on the SSL certificate, the exact SSL error you're getting, and examples of rewritten URL's.
Related
Today I installed the SSL certificate in my GoDaddy hosting account.
Everything seems to work when I type "https://myDomain.co.il, meaning, my website is secured.
But when I type HTTP://myDomain.co.il, my website is not secured.
As I was looking for an answer to solve this problem, I found an article in GoDaddy that explains how to redirect HTTP to https.
Is says that I need to open a file inside public_html called .htaccess.
Inside the file, I wrote the following code:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www\.)?coolexample\.com
RewriteRule ^(.*)$ https://www.coolexample.com/$1 [R,L]
Unfortunately, it's not working.
Another question, when I'll solve this problem, if I will type www.myDomain.co.il or myDoamin.co.il, will it redirect to https as well?
The purpose of this code is to prevent people from accessing a pdf file unless they are accessing the file from another page in https://www.example.com. If they are trying to access the PDF from another site, they are to be redirected to our commercial website https://example2.com. (It is to prevent people who don't have authorized access from downloading a PDF or from copying the URL for the PDF and sharing it with others.)
RewriteEngine On
RewriteCond %{HTTP_HOST}##%{HTTP_REFERER} !^([^#]*)##https?://\1/.*
RewriteRule ^(.*) https://example2.com/ [L,R=301]
The code above worked fine with all browsers until a recent update to IE11 and now it ignores the rewrite condition and always redirects to https://example2.com even if you are linking from https://www.example.com. However it works as it should in Chrome and Edge.
I tried changing the rewrite to what I have below as I am fine hardcoding the URL, but got the same results:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^https://www.example.com/.*
RewriteRule ^(.*) https://example.com/ [L,R=301]
How do I get this needed functionality to work in IE?
Maybe IE has an old and wrong rewrite rule cached. You could clear cache in IE and try again.
Besides, you could test your rewrite rules in this site. I test with your first code and it says:
This test string is not supported: %{HTTP_HOST}##%{HTTP_REFERER}
I test with your second code and it works. So I think you could clear IE cache and try again with the second code.
For more information, you could refer to this similar thread.
My question is regarding RewriteMap on apache2: I want to apply a rewrite condition, so that all request on my proxy are proxied to an completely new domain.
Eg localhost/test or any other url should just go to www.mydomain.com:
RewriteRule / http://www.mydomain.com [P]
Works fine. If I access localhost, I still see "localhost" in my browser address line, but mydomain.com is presented. BUT if I now click on any link on this mydomain site, I will get a "Not Found" response.
The sourecode of mydomain contains eg this link:
Link
If I access the site in a normal way, this would result in: www.mydomain.com/lab/sale.php, and works fine.
If I access the site through my proxy and the rewriteRule takes place, I would after the link click be directed to: localhost/lab/sale.php, which does not exist of course.
Question: how can I a user that accesses the site through my proxy browse on the whole site as if he would really access this site?
The RewriteRule directive isn't like a ProxyPass or Redirect where they essentially link 2 nodes together and everything following it also gets proxied. The rule that you have only proxies the request URI /, not /lab/ or /etc.php or anything else. You need to create a match and pass that along as a backreference:
RewriteRule ^/?(.*)$ http://www.mydomain.com/$1 [P]
Or you can use the %{REQUEST_URI} variable:
RewriteRule ^ http://www.mydomain.com%{REQUEST_URI} [P]
I am using rewrite rules with Apache 2 to redirect certain types of pages to HTTPS using vhosts. These are anything that starts with mydomain.com/users. In other words, all pages having to do with users and their information should be on HTTPS. I want to redirect all other pages to HTTP.
What happens now is that when a user goes to a /users page, he is redirected fine to HTTPS. But when he navigates away from the /users area, I can't get the redirect back to HTTP.
I need the rules and conditions to rewrite anything that is NOT /users/* to HTTP. In other words, please help me fill in the blanks:
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_URI} __blank__
RewriteRule __blank__ http://mydomain.com%{REQUEST_URI} [R=301,L]
In researching this, there are a few things I am trying to avoid. I need a wildcard under /users because I am developing the app and often add pages under users (it's a Rails app).
I understand that it is not easy to do a NOT match with regular expressions. All I am trying to do here is have the bulk of the site run on HTTP except the /users/* pages on HTTPS.
Also, yes I have a valid cert and yes I have verified that the Apache2 rewrite mod works. I can get all URLs rewritten to HTTP no problem. How do I NOT rewrite ones that start with /users in the REQUEST_URI? I think I have actually tried about every answer on this site so far...
There quite a few answers for this sort of questions, -- you just need to search this site a bit. Yes, they do not answer your question 100% straight away (as everyone has slightly different requirements -- like different page name etc) but the whole approach is the same.
In any case -- here how it can be done:
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteBase /
# don't do anything for images/css/js (leave protocol as is)
RewriteRule \.(gif|jpe?g|png|css|js)$ - [NC,L]
# force https for /users/*
RewriteCond %{HTTPS} =off
RewriteRule ^/users/ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# force http for all other URLs
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !^/users/
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# your other rewrite rules below
These rules need to be placed inside VirtualHost directive BEFORE any other rewrite rules (if such present). If placed elsewhere some small tweaking may be required.
They will
force HTTPS for all resources in /users/,
do nothing for images, css styles and JavaScript files (to be precise, for files with those extensions)
and will force HTTP for all other URLs
IMPORTANT NOTE: It is very likely that these rule will not work for you straight away. That is because modern browser do CACHE 301 redirects from your previous attempts. Therefore I recommend testing it on another browser and change 301 to 302 during testing (302 is not cached) .. or clear all browser caches (maybe even history) and restart browser.
Here is my rule:
RewriteCond %{HTTP_HOST} ^www.siteone.com$ [NC]
RewriteRule ^/checkout/(.*)$ https://www.sitetwo.com/checkout/$1 [NC,P]
What I am trying to do is use the checkout page on sitetwo to process an order related to siteone. Our overall plan is to have one checkout page handle orders from all our other websites and keep the website's url in the address bar. We need to do this to help with tracking click throughs, especially pay per click.
I have this rule working on our dev site where we don't use ssl.
Where are using IIS6
Siteone and sitetwo have their own SSL certificates. If I attempt to go to https://www.siteone.com/checkout/Default.aspx, I get an "Internal Server Error" show in the browser instead of going to the page.
Is there something we are missing in setting this up to work?
Thanks
Royal
Please consider using the following syntax (if it's httpd.conf):
RewriteCond %{HTTP_HOST} ^www\.siteone\.com$ [NC]
RewriteProxy ^/checkout/(.*)$ https://www.sitetwo.com/checkout/$1 [NC,A,CR]