Page 1 of 1

VirtualHosts and mod_ssl

Posted: Wed Jan 11, 2006 3:18 pm
by neophyte
I've got a virtual host "somesite.com" running on 443/ssl (mod_ssl) on a separate IP address. When someone types http://somesite.com, right now the default virtual host is served up. What do I need to do in order to get apache to catch that server name "somesite.com" and redirect it to ssl on the correct virtual host? I hope that makes sense. If it doesn't feel free to reply "wtf"....

Thanks

Posted: Wed Jan 11, 2006 3:32 pm
by timvw
If i'm not mistaken, you would have to add a virtualhost just as with regular apache...

By heart:

Code: Select all

NameVirtualHost *:443

<VirtualHost 192.168.1.11:443>
  hostname     somehost
  rootdir          /var/wwws/somehost
  enablessl
</Virtualhost>

Posted: Wed Jan 11, 2006 3:45 pm
by neophyte
Here a few more details i've got...

NameVirtualHost 11.11.111.1

running on one port....

<VirtualHost 11.11.111.1>
ServerName thissite.com
</VirtualHost>

Then I've got a second IP like:

NameVirtualHost *:443
<VirtualHost 22.22.222.222>
ServerName somesite.com
SSLEngine on
</VirtualHost>

When you make an https://somesite.com you get somesite.com's content.

When you make an http://somesite.com you get the content of the default VirtualHost running on 80 thissite.com.

So the question is how do I set it up so port 80 connections to somesite.com end up secure and deliver somesite.com content.

I tried adding another virtual host under port 80 with the same server name and I got the same results described above...

Posted: Wed Jan 11, 2006 5:20 pm
by Chris Corbyn
Not 100% but I'd be looking down the mod_proxy route myself.... As I say, not 100% just a thought :)

i.e. Use mod_proxy to forward connection to somesite.com:80 over to somesite.com:443

Posted: Wed Jan 11, 2006 6:59 pm
by redmonkey
A simple mod_rewrite rule will suffice....

Code: Select all

RewriteEngine On
RewriteCond %{HTTPS} !^on [NC]
RewriteRule (.*) https://somesite.com/$1 [R]
Should work fine either in a .htaccess file within the root of your http virtual host or in the main httpd.conf file within your virtual host config.

Posted: Wed Jan 11, 2006 8:09 pm
by neophyte
Thanks I'll give it a try. But I'm not sure what it does. Can you explain?

Posted: Wed Jan 11, 2006 8:25 pm
by redmonkey
When a request is made to your default (port 80) server it hits the RewriteCondition and only if that condition is met will the RewriteRule be applied.

The RewriteCondition is essentially an 'if' statement which checks the request method is not https. If it is not https then the RewriteRule will be applied.

The RewriteRule is a very simple one. Basically it takes any request and redirects it to your https server.

Technically the RewriteCondition should use SERVER_PROTOCOL and not HTTPS but I have found this to be 'flaky' on some versions of Apache.

You could also use the more simplistic 'Redirect' directive but I've also seen problems with that approach too, anything from simply not redirecting through to endless loop redirects.

I've found the above mod_rewrite to be the most reliable solution.

Posted: Wed Jan 11, 2006 8:32 pm
by neophyte
I tried the redirect method and generated an endless loop today! :lol: :oops: :lol:

I saw in my search mod_rewrite but I didn't find anything that would work. I'll give this a shot and see how it goes!

Thanks again for the tip and the explanation!

Posted: Wed Jan 11, 2006 8:59 pm
by redmonkey
If you have any problems please provide details of your exact Apache version, OS and also if you are running it from .htaccess or httpd.conf.

Posted: Wed Jan 11, 2006 9:02 pm
by timvw
Now i have access to my the webserver, here is a modified example (it should redirect all requests for http://example.com/awstats to https://example.com/awstats)

apache httpd.conf

Code: Select all

<VirtualHost 192.168.1.11>
        ServerName example.com
        DocumentRoot/var/www/example.com
        Redirect /awstats https://example.com/awstats
</VirtualHost>
apache-ssl httpd.conf

Code: Select all

<VirtualHost  192.168.1.11:443>
        ServerName example.com
        DocumentRoot /var/www/example.com
        # For awstats
        Alias /awstatsclasses "/var/wwws/example.com/awstats/awstatsclasses"
        Alias /awstats "/var/wwws/example.com/awstats/awstatsclasses/www"
        SSLEnable
</VirtualHost>