httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marat Khalili <...@rqc.ru>
Subject Re: [users@httpd] redirect port from 80 to 443
Date Sun, 19 Feb 2017 17:27:10 GMT
Just a personal opinion: mod_rewrite is perfectly fine as long as you know it well, and any
Apache admin will have to learn and use it eventually. If you can accomplish your task with
one powerful module you already know, learning "simpler" modules and enabling them on your
server is both silly and dangerous.

"When not to use mod_rewrite" page was probably written by people frustrated with too many
examples of incorrect mod_rewrite configurations in this forum. It makes sense _for them_
to point people to easier to use modules, not necessarily for you to use them.

--
With Best Regards,
Marat Khalili   

On 19/02/17 00:33, Spork Schivago wrote:

Sorry to butt in here.   I've been following this post with some interest.   I wanted to accomplish
the same thing the original OP wanted to accomplish, redirect all traffic to the secure version
of my site.   I went to the internet and found directions on how to do this using mod_rewrite
rules.   Now that I know I should be using redirect instead, I had some questions.   Should
I start my own topic or just ask in this one?   What's generally considered best practice
in a situation like this, where my question revolves around the original ops question?

Thanks!


On Sat, Feb 18, 2017 at 3:02 PM, Dr James Smith <js5@sanger.ac.uk> wrote:

As I only run HTTPS - I have the following on port 80 - (this can't be done with redirect)

<VirtualHost *:80>

  ...
  ...
  ...

  RewriteEngine on
  RewriteCond   %{REQUEST_URI}  !^/.well-known/acme-challenge
  RewriteRule   ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=permanent,L,NE]
</VirtualHost>

So I only have one port 80 configuration - even tho' I'm running something like 30 sub-domains
on one machine and 70 sub-domains on the other...

{There is some other stuff associated with this - and I've got HTST headers set - and preloaded
where I can - so most browsers won't hit the port 80 anyway!} 




On 18/02/2017 19:00, Daniel wrote:

Yes please, let's stay away of convoluted and most times innecessary mod_rewrite examples
to do simpleton configurations. 


If you are in virtualhost 80, you have specified servername correctly and you just want to
redirect to ssl, why not a single Redirect statement?


As Yann's refered document says:

Redirect / https://something.example.com/


Most people here knows this but there are gazillions web pages refering to bad advice, duck
and tape solutions and convolued ways of using mod_rewrite for a simple redirection when placed
in proper context, we need to finish with that trend, and the best way is to give simple,
straight to the point examples "first".


The mod_rewrite example given,lets slice it out:

> RewriteCond %{HTTP_HOST} =www.example.com
> RewriteCond %{SERVER_PORT} =80
> RewriteRule ^(.*)$ https://www.example.com/$1 [R]


This clearly assumes it is a generic recipe in a .htaccess somewhere which can be read from
a non-SSL virtualhost or non-SSL virtualhost (just to be ignored). 


1º It checks the host name, but why? if you have defined a VirtualHost with that servername
and there are no conflicts the request is already landing there.

2º It checks for port 80. But we are redirecting to SSL, so we are already on port 80, why
check it?

3º Can be replaced with a Redirect as mentioned above.


So instead of giving out recipes for .htaccess thought out for an aging era or shared virtualhosting,
lets recommend the ideal virtualhost context recipe first as Yann proposed earlier:


Define the virtualhost with the names you serve.

<VirtualHost *:80>

ServerName something.example.com

Redirect / https://something.example.com/

</VirtualHost>


There is no guessing here, no unnecessary directives and it's hard to miss or confuse with
other directives and the context where it resides is crystal clear.


Later on, when things need to be complicated, then I guess we can use "If" or "mod_rewrite",
and recommend it as needed.



2017-02-18 19:38 GMT+01:00 Richard <lists-apache@listmail.innovate.net>:



> Date: Saturday, February 18, 2017 11:04:34 -0700
> From: James Moe <jimoe@sohnen-moe.com>
>
> On 02/18/2017 05:08 AM, Rodrigo Cunha wrote:
>> i want redirect all request from port 80 to 443.
>> what is better setting for fix this?
>>
>   Better than what?
>   Fix? Is it broken?
>
> RewriteCond %{HTTP_HOST} =www.example.com
> RewriteCond %{SERVER_PORT} =80
> RewriteRule ^(.*)$ https://www.example.com/$1 [R]

Perhaps, better than using a "rewrite"? See the documentation
reference, given in an earlier post:

  <https://httpd.apache.org/docs/2.4/rewrite/avoid.html#redirect>

that has this as a specific example of when/why to use a "redirect"
rather than a "rewrite".




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




-- 

Daniel Ferradal 

IT Specialist


email         dferradal at gmail.com

linkedin     es.linkedin.com/in/danielferradal



-- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered
in England with number 1021457 and a company registered in England with number 2742969, whose
registered office is 215 Euston Road, London, NW1 2BE. 




-- 

С уважением,
Марат Халили (Российский Квантовый Центр)
+7 926 950 0804
Mime
View raw message