HTTP to HTTPS redirect fails

Discussion in 'General' started by N3RVE, Mar 28, 2015.

  1. N3RVE

    N3RVE New Member

    I entered my SSL information via the SSL section in ISPConfig and used the following to enforce a HTTPS redirect:
    Code:
    RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
    I also tried using a .htaccess file with the content here.

    Content of associated vhost:
    Code:
    <Directory /var/www/arcube.com.ng>
        AllowOverride None
                Require all denied
        </Directory>

<VirtualHost 45.56.99.63:80>
                    DocumentRoot /var/www/arcube.com.ng/web
           
        ServerName arcube.com.ng
        ServerAlias www.arcube.com.ng
        ServerAdmin [email protected]

        ErrorLog /var/log/ispconfig/httpd/arcube.com.ng/error.log


        <IfModule mod_ssl.c>
        </IfModule>

        <Directory /var/www/arcube.com.ng/web>
                # Clear PHP settings of this website
                <FilesMatch ".+\.ph(p[345]?|t|tml)$">
                        SetHandler None
                </FilesMatch>
                Options +FollowSymLinks
                AllowOverride All
                                Require all granted
                        </Directory>
        <Directory /var/www/clients/client1/web5/web>
                # Clear PHP settings of this website
                <FilesMatch ".+\.ph(p[345]?|t|tml)$">
                        SetHandler None
                </FilesMatch>
                Options +FollowSymLinks
                AllowOverride All
                                Require all granted
                        </Directory>




        # php as fast-cgi enabled
    # For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
        <IfModule mod_fcgid.c>
                IdleTimeout 300
                ProcessLifeTime 3600
                # MaxProcessCount 1000
                DefaultMinClassProcessCount 0
                DefaultMaxClassProcessCount 100
                IPCConnectTimeout 3
                IPCCommTimeout 600
                BusyTimeout 3600
        </IfModule>
        <Directory /var/www/arcube.com.ng/web>
                <FilesMatch "\.php[345]?$">
                    SetHandler fcgid-script
                </FilesMatch>
                FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php
                FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php3
                FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php4
                FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php5
                Options +ExecCGI
                AllowOverride All
                                Require all granted
                        </Directory>
        <Directory /var/www/clients/client1/web5/web>
                <FilesMatch "\.php[345]?$">
                    SetHandler fcgid-script
                </FilesMatch>
                FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php
                FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php3
                FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php4
                FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php5
                Options +ExecCGI
                AllowOverride All
                                Require all granted
                        </Directory>


        # add support for apache mpm_itk
        <IfModule mpm_itk_module>
            AssignUserId web5 client1
        </IfModule>

        <IfModule mod_dav_fs.c>
        # Do not execute PHP files in webdav directory
            <Directory /var/www/clients/client1/web5/webdav>
                <ifModule mod_security2.c>
                    SecRuleRemoveById 960015
                    SecRuleRemoveById 960032
                </ifModule>
                <FilesMatch "\.ph(p3?|tml)$">
                    SetHandler None
                </FilesMatch>
            </Directory>
            DavLockDB /var/www/clients/client1/web5/tmp/DavLock
            # DO NOT REMOVE THE COMMENTS!
            # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
      # WEBDAV BEGIN
            # WEBDAV END
        </IfModule>


</VirtualHost>
    I've also noticed that despite the HTTPS working, the vhost still contains :80 instead of :443. What am I doing wrong?
     
    N3RVE, Mar 28, 2015
    #1
  2. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    With Apache you can use
    Code:
    RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    And don´t forget to enable SSL for this site (and create the certificate).
     
    florian030, Mar 29, 2015
    #2
    buffus likes this.
  3. N3RVE

    N3RVE New Member

    After placing that into the Apache Directives filed in ISPConfig, request to http/https do not work (the page doesn't load). The browser (Google Chrome) returns an error: "This webpage has a redirect loop".
    Removing the code from the Apache Directives field returns the site back to working other with both HTTP and HTTPS, with no redirect.
    This was the same problem I had using the redirect code above. Certificates have been installed from the SSL tab within ISPConfig and work when I manually put HTTPS into the browser.

    Update:
    After deleting the content in the Apache directives field, I switched to the redirect tab and inserted the full URL including https:// as the redirect path and tried both R,L and permanent. Nothing happened with permanent, R,L however caused the same issue with the redirect loop error.
     
    Last edited: Mar 29, 2015
    N3RVE, Mar 29, 2015
    #3
  4. N3RVE

    N3RVE New Member

    It turned out that CloudFlare was responsible for the infinite redirect loop. I resulted to using Page Rules from CloudFlare to force a HTTPS redirect. Thanks for the help :)
     
    N3RVE, Mar 30, 2015
    #4

Share This Page