Using ISAPI_Rewrite 3 proxy over ssl - isapi-rewrite

Here is my rule:
RewriteCond %{HTTP_HOST} ^www.siteone.com$ [NC]
RewriteRule ^/checkout/(.*)$ https://www.sitetwo.com/checkout/$1 [NC,P]
What I am trying to do is use the checkout page on sitetwo to process an order related to siteone. Our overall plan is to have one checkout page handle orders from all our other websites and keep the website's url in the address bar. We need to do this to help with tracking click throughs, especially pay per click.
I have this rule working on our dev site where we don't use ssl.
Where are using IIS6
Siteone and sitetwo have their own SSL certificates. If I attempt to go to https://www.siteone.com/checkout/Default.aspx, I get an "Internal Server Error" show in the browser instead of going to the page.
Is there something we are missing in setting this up to work?
Thanks
Royal

Please consider using the following syntax (if it's httpd.conf):
RewriteCond %{HTTP_HOST} ^www\.siteone\.com$ [NC]
RewriteProxy ^/checkout/(.*)$ https://www.sitetwo.com/checkout/$1 [NC,A,CR]

Related

prestashop 1.6.1.17 making http to https, cannot open front office and back office

I am new to prestashop. I currentlly got the ssl certificate and change the http to https, When I change this on backend office
At this point I can log in to back office. and the url is green.
Then the front page is not working
It says redirect many times.
Then I changed the .htaccess file added this
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://buyfood.co.nz/$1 [R,L]
Then I cannot even log in to backend office.
Please help me, Thank you!!!

.htaccess image to web page redirect of sorts

I think this can be done, though not sure, so I came here to find out from you experts. I researched extensively, but always get the opposite of what I want to do. I was wondering if someone types in the image file URL (on server side) into an address bar if that could be directed to its corresponding web page.
For example:
One types in yourdomain.com/wp-content/uploads/image-name.jpg and it's directed to yourdomain.com/print/image-name (w/o .jpg)
So instead of one just seeing the image in a window, they will see the image, it's information and how to purchase it on my brand web site.
If that is not possible or the file name doesn't match, can directly typed server side image file URLs redirect to my website galleries or home page? And where in .htaccess would this code be located? Above begin wordpress or not?
If above Begin WP, will that interfere with this code that already exists? If so how would I exactly write it?
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.sitename.com/$1 [R,L]
Thanks in advance!
EDIT: To clarify, my site being down has nothing to do with the help I received here. I upgraded my web host account and there was a glitch when they migrated it.
Insert this rule just below RewriteEngine On line:
RewriteCond %{THE_REQUEST} /wp-content/uploads/(.+?)\.jpg [NC]
RewriteRule ^ /print/%1? [L,R=302,NE]

IsapiRewrite rules generate strange pages/folders?

i'm using IsapiRewrite from helicontech for my custom classic ASP shopping cart.
My actual httpd.ini file is:
[ISAPI_Rewrite]
RewriteBase /
RewriteCond %HTTPS off
RewriteCond Host: (?!^www.domain.com)(.+)
RewriteRule /(.*) http\://www.domain.com/$2 [I,RP]
RewriteRule /httpd(?:\.ini|\.parse\.errors).* / [I,O]
RewriteRule /(.+)-([^-]*)-([^-]*)-([^-]*)\.html$ /detail.asp?brand=$1&model=$2&id=$3&lg=$4 [L]
So i'm actually using this component only to rewrite the product detail page in a nice way.
Lately looking in google cache i find some folders with files inside cached by googleBot that doesn't exist on my server eg: domain.com/carrera-CHAMPION ... and so on.
The page drawn if i access these strange pages is the detail.asp page but without css and some js loaded.
I tested recently the site with Acunetix scanner and seems like he found too these strange folders.
First i added a javascript check to se if Jquery not loaded then that means the page is one of these so i throw an alert and redirect user to homepage ..
Do you know what could be ? or how i could solve this via a rule in httpd.ini?
Hope i make myself clear if no feel free to ask me details,
thank you
Can you confirm that when you disable ISAPI_Rewrite these strange pages/folders disappear?
Please note that ISAPI_Rewrite only rewrites response headers and can't generate anything, so it's highly unlikely to be the cause of the issue.
BTW, your config is the mixture of ISAPI_Rewrite 2 and 3 syntax. If it's v2, please fix it like this:
[ISAPI_Rewrite]
RewriteCond %HTTPS off
RewriteCond Host: (?!www.domain.com).+
RewriteRule /(.*) http\://www.domain.com/$1 [I,RP]
RewriteRule /httpd(?:\.ini|\.parse\.errors).* / [I,O]
RewriteRule /(.+)-([^-]*)-([^-]*)-([^-]*)\.html$ /detail.asp\?brand=$1&model=$2&id=$3&lg=$4 [L]

strange behavior SSL acts when rewriting url

I believe there is something weird when I have rewritten my urls. My website links are forced to use SSL and when I click on any, the browser shows OK for SSL on Chrome (green color on https), safe site or identified certificate on Firefox, and the same OK working SSL on other browsers.
Now the problem starts whenever I rewrite the url using mod_rewrite and shorten the link a red sign shows up on Chrome, not identified on FireFox, and the same issue on other browsers.
I guess the problem is somewhere in the rewrite code or something is missing has to be added!
Update #1
RewriteCond %{REQUEST_URI} ^(/pro)
RewriteRule ^(.*)$ /foo/loop/sps/click/$1 [L]
RewriteCond %{REQUEST_URI} ^/foo/loop/sps/click
RewriteRule foo/loop/sps/click/(pro)(/(.*))?$ $1$2 [R,L]
and of course adding php handler : DirectoryIndex index.php
Update #2
The error I get is the red sign in Chrome for example. That happens when I enter a url shortened using rewrite url mod_rewrite.
SSL issues can be complex and depend on several different variables. The most likely case is that when you rewrite the URL's, you are changing the host name. Let's say you rewrite "https://www.test.com/whatever" to "https://test.com/w". In this case, if the SSL certificate was assigned to "www.test.com", you will get a red sign saying the certificate is valid but does not match the URL.
If that does not help, we would need more details on the SSL certificate, the exact SSL error you're getting, and examples of rewritten URL's.

Apache2 redirect all but some pages back to http using vhosts

I am using rewrite rules with Apache 2 to redirect certain types of pages to HTTPS using vhosts. These are anything that starts with mydomain.com/users. In other words, all pages having to do with users and their information should be on HTTPS. I want to redirect all other pages to HTTP.
What happens now is that when a user goes to a /users page, he is redirected fine to HTTPS. But when he navigates away from the /users area, I can't get the redirect back to HTTP.
I need the rules and conditions to rewrite anything that is NOT /users/* to HTTP. In other words, please help me fill in the blanks:
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_URI} __blank__
RewriteRule __blank__ http://mydomain.com%{REQUEST_URI} [R=301,L]
In researching this, there are a few things I am trying to avoid. I need a wildcard under /users because I am developing the app and often add pages under users (it's a Rails app).
I understand that it is not easy to do a NOT match with regular expressions. All I am trying to do here is have the bulk of the site run on HTTP except the /users/* pages on HTTPS.
Also, yes I have a valid cert and yes I have verified that the Apache2 rewrite mod works. I can get all URLs rewritten to HTTP no problem. How do I NOT rewrite ones that start with /users in the REQUEST_URI? I think I have actually tried about every answer on this site so far...
There quite a few answers for this sort of questions, -- you just need to search this site a bit. Yes, they do not answer your question 100% straight away (as everyone has slightly different requirements -- like different page name etc) but the whole approach is the same.
In any case -- here how it can be done:
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteBase /
# don't do anything for images/css/js (leave protocol as is)
RewriteRule \.(gif|jpe?g|png|css|js)$ - [NC,L]
# force https for /users/*
RewriteCond %{HTTPS} =off
RewriteRule ^/users/ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# force http for all other URLs
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !^/users/
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# your other rewrite rules below
These rules need to be placed inside VirtualHost directive BEFORE any other rewrite rules (if such present). If placed elsewhere some small tweaking may be required.
They will
force HTTPS for all resources in /users/,
do nothing for images, css styles and JavaScript files (to be precise, for files with those extensions)
and will force HTTP for all other URLs
IMPORTANT NOTE: It is very likely that these rule will not work for you straight away. That is because modern browser do CACHE 301 redirects from your previous attempts. Therefore I recommend testing it on another browser and change 301 to 302 during testing (302 is not cached) .. or clear all browser caches (maybe even history) and restart browser.

Resources