Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
Date: Wed, 21 May 2003 16:28:27 -0400
From: Jurgen <apache@squarehosting.com>
To: users@httpd.apache.org
Message-Id: <20030521162827.4a8d6d6a.apache@squarehosting.com>
In-Reply-To: <200305211028.20827.mike@nachbaur.com>
References: <003701c31faa$d4cb71f0$6601a8c0@elvis>
	<200305211028.20827.mike@nachbaur.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: Re: [users@httpd] mod_rewrite help

Hi,

Or this (it has to go into the VirtualHost configuration for the https server):

RewriteEngine On
RewriteCond   %{HTTP_HOST}    !^www\.
RewriteRule    ^(.*)$                     https://www.mydomain.com$1 [R]

it rewrites everything to www. if it doesn't start with www.
I am not sure if this will not help you, as the SSL connection is established first and therefore I am afraid the browser will already complain.

Jurgen


On Wed, 21 May 2003 10:28:20 -0700
Michael A Nachbaur <mike@nachbaur.com> wrote:

> I think the following might work.  You'll have to add it to your HTTPS 
> VirtualHost.
> 
> RewriteEngine On
> RewriteCond   %{HTTP_HOST}    ^mydomain.com$
> RewriteRule    ^(.*)$                     https://www.mydomain.com$1 [R]
> 
> What this does (I think, I'm no mod_rewrite expert) is perform the RewriteRule 
> to redirect the browser to the full domain name only if the HTTP_HOST request 
> header is mydomain.com (minus the www.).
> 
> On Wednesday 21 May 2003 08:08 am, Beau Hebert wrote:
> > First, a big thanks to all out in Apacheland for helping me rewrite
> > incoming http requests to https. It works like a charm. But, as usual,
> > one success has led to another obstacle.
> >
> > As mentioned, all incoming HTTP requests are rewritten to HTTPS using
> > mod_rewrite with the following code (thanks again Jurgen):
> >
> > RewriteEngine On
> > RewriteRule ^(.*)$ https://www.mydomain.com$1
> >
> > As a consequence to having all requests being HTTPS I also need to have
> > all incoming requests contain www (i.e.
> > https://www.mydomain.com/login.php  rather than simply
> > https://mydomain.com/login.php), otherwise the user receives an alert
> > that the name on the Certificate doesn't match the website. This is
> > because the Secure Certificate is registered to the fully qualified
> > domain. So, my question: is there a way (either augmenting the code
> > above or including new code) so that if someone were to type
> > http://mydomnain.com/anypage.jsp, it would be rewritten to
> > https://www.mydomain.com/anypage.jsp.
> >
> > Thanks.
> > Beau
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> 
> -- 
> Michael A Nachbaur <mike@nachbaur.com>
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org