httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alan Skea <s...@acm.org>
Subject Mod-rewrite / mod-env weirdness
Date Thu, 31 Jul 2003 17:22:50 GMT
I'm trying to use mod-rewrite to selectively redirect requests to the secure side of a web
site, but I'm finding some weird behaviour.  I was running 1.3.26 and this prompted me to
pull my finger out and install 1.3.28 but this hasn't fixed the problem.  I wonder if anyone
else has seen anything like this.

I have a main config file that includes the same web site config file for both the normal
and secure parts of the web site: i.e.:

<VirtualHost 192.168.22.1:80>
ServerName signup.CredGuard-dev.com
ServerAdmin webmaster@skea.com
Define SiteRoot /var/www/sites/signup.CredGuard.com/dev
Include ${SiteRoot}/wwwetc/config
</VirtualHost>

<IfDefine SSL>
<VirtualHost 192.168.22.1:443>
ServerName signup.CredGuard-dev.com
ServerAdmin webmaster@CredGuard.com
Define SiteRoot /var/www/sites/signup.CredGuard.com/dev
SetEnv SSL 1
Include ${SiteRoot}/wwwetc/config
SSLEngine on
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile ${SiteRoot}_data/cert/CredGuard-dev.crt
SSLCertificateKeyFile ${SiteRoot}_data/cert/CredGuard-dev.key.plain
SSLVerifyClient none
SSLOptions +FakeBasicAuth +ExportCertData
</VirtualHost>
</IfDefine>

In the included config file, I want to do this:

RewriteEngine on
RewriteCond %{ENV:SSL}		!=1
RewriteCond %{REQUEST_URI}	!^/(img)|(ssi)|(obj)/
RewriteRule ^/(.*)$		/redir

The trouble is, it works intermittently.  When I turn on all the logging that I can for mod_rewrite
I see that some requests that come in on port 443 can be seen to have the SSL env var set,
and others don't so mod_rewrite sends them to the redir page all over again.

The access logs show that the request is going to the right virtual host but the rewrite log
shows that the secure virtual host doesn't have the env var set when it looks.  After a few
attempts to get the page, it all settles down and works reliably so it looks to me like only
the first request through each process has a problem.

Anyone got any insights?

Thanks,
 -_-_ Alan.

Mime
  • Unnamed multipart/mixed (inline, None, 0 bytes)
View raw message