Re: [users@httpd] redirect port from 80 to 443
On Mon, 2017-02-20 at 11:56 +0300, Marat Khalili wrote: > It's very insightful, but what other _general purpose_ tool do we have > here? Correct me if I'm wrong, but seems like URL rewrite C (let alone > Python) is not yet created. Wrong question. URL rewriting isn't a problem you look to solve. It's a candidate *solution* to certain problems. Look at the problem instead of fixating on one particular class of prospective solution. -- Nick Kew - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] redirect port from 80 to 443
On 20/02/17 11:01, Nick Kew wrote: it's commonly used as a hacked-up scripting language comprisising just two main instructions (single IF aka RewriteCond, and GOTO aka RewriteRule) with side-effects. [...] By analogy, when I got my first programming job in the 1980s, there was still lots of ancient FORTRAN around, from before the FORTRAN-77 standard brought block structure to that language. We newbies were NOT encouraged to write old-style spaghetti code. It's very insightful, but what other _general purpose_ tool do we have here? Correct me if I'm wrong, but seems like URL rewrite C (let alone Python) is not yet created. -- With Best Regards, Marat Khalili - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] redirect port from 80 to 443
On Sun, 2017-02-19 at 20:27 +0300, Marat Khalili wrote: > "When not to use mod_rewrite" page was probably written by people > frustrated with too many examples of incorrect mod_rewrite > configurations in this forum. Actually it was largely written by the same people who wrote the mod_rewrite documentation. Twenty years ago, mod_rewrite was a fantastic tool: powerful and versatile. Today it's even more powerful and versatile. But it's also a horrendously *bad* way to accomplish most things: in non-trivial cases, it's commonly used as a hacked-up scripting language comprisising just two main instructions (single IF aka RewriteCond, and GOTO aka RewriteRule) with side-effects. Which is why we recommend rationalising away from those ancient mod_rewrite hacks that were once the only way to accomplish something but are now obsolete. By analogy, when I got my first programming job in the 1980s, there was still lots of ancient FORTRAN around, from before the FORTRAN-77 standard brought block structure to that language. We newbies were NOT encouraged to write old-style spaghetti code. -- Nick Kew - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] redirect port from 80 to 443
Just a personal opinion: mod_rewrite is perfectly fine as long as you know it
well, and any Apache admin will have to learn and use it eventually. If you can
accomplish your task with one powerful module you already know, learning
"simpler" modules and enabling them on your server is both silly and dangerous.
"When not to use mod_rewrite" page was probably written by people frustrated
with too many examples of incorrect mod_rewrite configurations in this forum.
It makes sense _for them_ to point people to easier to use modules, not
necessarily for you to use them.
--
With Best Regards,
Marat Khalili
On 19/02/17 00:33, Spork Schivago wrote:
Sorry to butt in here. I've been following this post with some interest. I
wanted to accomplish the same thing the original OP wanted to accomplish,
redirect all traffic to the secure version of my site. I went to the internet
and found directions on how to do this using mod_rewrite rules. Now that I
know I should be using redirect instead, I had some questions. Should I start
my own topic or just ask in this one? What's generally considered best
practice in a situation like this, where my question revolves around the
original ops question?
Thanks!
On Sat, Feb 18, 2017 at 3:02 PM, Dr James Smith wrote:
As I only run HTTPS - I have the following on port 80 - (this can't be done
with redirect)
...
...
...
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=permanent,L,NE]
So I only have one port 80 configuration - even tho' I'm running something like
30 sub-domains on one machine and 70 sub-domains on the other...
{There is some other stuff associated with this - and I've got HTST headers set
- and preloaded where I can - so most browsers won't hit the port 80 anyway!}
On 18/02/2017 19:00, Daniel wrote:
Yes please, let's stay away of convoluted and most times innecessary
mod_rewrite examples to do simpleton configurations.
If you are in virtualhost 80, you have specified servername correctly and you
just want to redirect to ssl, why not a single Redirect statement?
As Yann's refered document says:
Redirect / https://something.example.com/
Most people here knows this but there are gazillions web pages refering to bad
advice, duck and tape solutions and convolued ways of using mod_rewrite for a
simple redirection when placed in proper context, we need to finish with that
trend, and the best way is to give simple, straight to the point examples
"first".
The mod_rewrite example given,lets slice it out:
> RewriteCond %{HTTP_HOST} =www.example.com
> RewriteCond %{SERVER_PORT} =80
> RewriteRule ^(.*)$ https://www.example.com/$1 [R]
This clearly assumes it is a generic recipe in a .htaccess somewhere which can
be read from a non-SSL virtualhost or non-SSL virtualhost (just to be ignored).
1º It checks the host name, but why? if you have defined a VirtualHost with
that servername and there are no conflicts the request is already landing there.
2º It checks for port 80. But we are redirecting to SSL, so we are already on
port 80, why check it?
3º Can be replaced with a Redirect as mentioned above.
So instead of giving out recipes for .htaccess thought out for an aging era or
shared virtualhosting, lets recommend the ideal virtualhost context recipe
first as Yann proposed earlier:
Define the virtualhost with the names you serve.
ServerName something.example.com
Redirect / https://something.example.com/
There is no guessing here, no unnecessary directives and it's hard to miss or
confuse with other directives and the context where it resides is crystal clear.
Later on, when things need to be complicated, then I guess we can use "If" or
"mod_rewrite", and recommend it as needed.
2017-02-18 19:38 GMT+01:00 Richard :
> Date: Saturday, February 18, 2017 11:04:34 -0700
> From: James Moe
>
> On 02/18/2017 05:08 AM, Rodrigo Cunha wrote:
>> i want redirect all request from port 80 to 443.
>> what is better setting for fix this?
>>
> Better than what?
> Fix? Is it broken?
>
> RewriteCond %{HTTP_HOST} =www.example.com
> RewriteCond %{SERVER_PORT} =80
> RewriteRule ^(.*)$ https://www.example.com/$1 [R]
Perhaps, better than using a "rewrite"? See the documentation
reference, given in an earlier post:
that has this as a specific example of when/why to use a "redirect"
rather than a "rewrite".
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
--
Daniel Ferradal
IT Specialist
email dferradal at gmail.com
linkedin es.linkedin.com/in/danielferradal
-- The Wellcome Trust Sanger Institute is operated by Genome Research Limited,
a charity registered in England with
Re: [users@httpd] redirect port from 80 to 443
Most of my hosts are HTTPS only - I do have one host that allows port 80
for a yum package repository, https isn't needed there because the
packages themselves are signed and yum validates them on the client side
before installing.
This is an example of what I do:
ServerName librelamp.com
Redirect permanent / https://librelamp.com/
ServerName librelamp.com
Redirect permanent / https://librelamp.com/
ServerName www.librelamp.com
Redirect permanent / https://librelamp.com/
ServerName www.librelamp.com
Redirect permanent / https://librelamp.com/
I also send the HSTS header and OCSP stapling and HSTS Preloading in
Chrome, Edge, FireFox, and IE so that those clients will only ask for
the secure version of any links to the domain.
All you have to do to get HSTS preloading is send the header and then
submit the domain to Chrome for HSTS preloading. Once in Chrome, it
fairly quickly is added to the others.
That is more secure than an Apache redirect because a request to port 80
and/or the response can be modified by a MITM but if the browser knows
to only request the secure version, that is no longer an issue.
On 02/18/2017 12:02 PM, Dr James Smith wrote:
As I only run HTTPS - I have the following on port 80 - (this can't be
done with redirect)
...
...
...
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI}
[R=permanent,L,NE]
So I only have one port 80 configuration - even tho' I'm running
something like 30 sub-domains on one machine and 70 sub-domains on the
other...
{There is some other stuff associated with this - and I've got HTST
headers set - and preloaded where I can - so most browsers won't hit the
port 80 anyway!}
On 18/02/2017 19:00, Daniel wrote:
Yes please, let's stay away of convoluted and most times innecessary
mod_rewrite examples to do simpleton configurations.
If you are in virtualhost 80, you have specified servername correctly
and you just want to redirect to ssl, why not a single Redirect statement?
As Yann's refered document says:
Redirect / https://something.example.com/
Most people here knows this but there are gazillions web pages
refering to bad advice, duck and tape solutions and convolued ways of
using mod_rewrite for a simple redirection when placed in proper
context, we need to finish with that trend, and the best way is to
give simple, straight to the point examples "first".
The mod_rewrite example given,lets slice it out:
> RewriteCond %{HTTP_HOST} =www.example.com
Redirect / https://something.example.com/
There is no guessing here, no unnecessary directives and it's hard to
miss or confuse with other directives and the context where it resides
is crystal clear.
Later on, when things need to be complicated, then I guess we can use
"If" or "mod_rewrite", and recommend it as needed.
2017-02-18 19:38 GMT+01:00 Richard mailto:lists-apa...@listmail.innovate.net>>:
> Date: Saturday, February 18, 2017 11:04:34 -0700
> From: James Moe mailto:ji...@sohnen-moe.com>>
>
> On 02/18/2017 05:08 AM, Rodrigo Cunha wrote:
>> i want redirect all request from port 80 to 443.
>> what is better setting for fix this?
>>
> Better than what?
> Fix? Is it broken?
>
> RewriteCond %{HTTP_HOST} =www.example.com
> RewriteCond %{SERVER_PORT} =80
> RewriteRule ^(.*)$ https://www.example.com/$1 [R]
Perhaps, better than using a "rewrite"? See the documentation
reference, given in an earlier post:
>
that has this as a specific example of when/why to use a "redirect"
rather than a "rewrite".
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] redirect port from 80 to 443
Sorry to butt in here. I've been following this post with some interest.
I wanted to accomplish the same thing the original OP wanted to
accomplish, redirect all traffic to the secure version of my site. I went
to the internet and found directions on how to do this using mod_rewrite
rules. Now that I know I should be using redirect instead, I had some
questions. Should I start my own topic or just ask in this one? What's
generally considered best practice in a situation like this, where my
question revolves around the original ops question?
Thanks!
On Sat, Feb 18, 2017 at 3:02 PM, Dr James Smith wrote:
> As I only run HTTPS - I have the following on port 80 - (this can't be
> done with redirect)
>
>
> ...
> ...
> ...
>
> RewriteEngine on
> RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge
> RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI}
> [R=permanent,L,NE]
>
>
> So I only have one port 80 configuration - even tho' I'm running something
> like 30 sub-domains on one machine and 70 sub-domains on the other...
> {There is some other stuff associated with this - and I've got HTST
> headers set - and preloaded where I can - so most browsers won't hit the
> port 80 anyway!}
>
>
>
> On 18/02/2017 19:00, Daniel wrote:
>
> Yes please, let's stay away of convoluted and most times innecessary
> mod_rewrite examples to do simpleton configurations.
>
> If you are in virtualhost 80, you have specified servername correctly and
> you just want to redirect to ssl, why not a single Redirect statement?
>
> As Yann's refered document says:
> Redirect / https://something.example.com/
>
> Most people here knows this but there are gazillions web pages refering to
> bad advice, duck and tape solutions and convolued ways of using mod_rewrite
> for a simple redirection when placed in proper context, we need to finish
> with that trend, and the best way is to give simple, straight to the point
> examples "first".
>
> The mod_rewrite example given,lets slice it out:
> > RewriteCond %{HTTP_HOST} =www.example.com
> > RewriteCond %{SERVER_PORT} =80
> > RewriteRule ^(.*)$ https://www.example.com/$1 [R]
>
> This clearly assumes it is a generic recipe in a .htaccess somewhere which
> can be read from a non-SSL virtualhost or non-SSL virtualhost (just to be
> ignored).
>
> 1º It checks the host name, but why? if you have defined a VirtualHost
> with that servername and there are no conflicts the request is already
> landing there.
> 2º It checks for port 80. But we are redirecting to SSL, so we are already
> on port 80, why check it?
> 3º Can be replaced with a Redirect as mentioned above.
>
> So instead of giving out recipes for .htaccess thought out for an aging
> era or shared virtualhosting, lets recommend the ideal virtualhost context
> recipe first as Yann proposed earlier:
>
> Define the virtualhost with the names you serve.
>
> ServerName something.example.com
> Redirect / https://something.example.com/
>
>
> There is no guessing here, no unnecessary directives and it's hard to miss
> or confuse with other directives and the context where it resides is
> crystal clear.
>
> Later on, when things need to be complicated, then I guess we can use "If"
> or "mod_rewrite", and recommend it as needed.
>
>
> 2017-02-18 19:38 GMT+01:00 Richard :
>
>>
>>
>> > Date: Saturday, February 18, 2017 11:04:34 -0700
>> > From: James Moe
>> >
>> > On 02/18/2017 05:08 AM, Rodrigo Cunha wrote:
>> >> i want redirect all request from port 80 to 443.
>> >> what is better setting for fix this?
>> >>
>> > Better than what?
>> > Fix? Is it broken?
>> >
>> > RewriteCond %{HTTP_HOST} =www.example.com
>> > RewriteCond %{SERVER_PORT} =80
>> > RewriteRule ^(.*)$ https://www.example.com/$1 [R]
>>
>> Perhaps, better than using a "rewrite"? See the documentation
>> reference, given in an earlier post:
>>
>>
>>
>> that has this as a specific example of when/why to use a "redirect"
>> rather than a "rewrite".
>>
>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>> For additional commands, e-mail: users-h...@httpd.apache.org
>>
>>
>
>
> --
> *Daniel Ferradal*
> IT Specialist
>
> email dferradal at gmail.com
> linkedin es.linkedin.com/in/danielferradal
>
>
>
> -- The Wellcome Trust Sanger Institute is operated by Genome Research
> Limited, a charity registered in England with number 1021457 and a company
> registered in England with number 2742969, whose registered office is 215
> Euston Road, London, NW1 2BE.
>
Re: [users@httpd] redirect port from 80 to 443
As I only run HTTPS - I have the following on port 80 - (this can't be
done with redirect)
...
...
...
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI}
[R=permanent,L,NE]
So I only have one port 80 configuration - even tho' I'm running
something like 30 sub-domains on one machine and 70 sub-domains on the
other...
{There is some other stuff associated with this - and I've got HTST
headers set - and preloaded where I can - so most browsers won't hit the
port 80 anyway!}
On 18/02/2017 19:00, Daniel wrote:
Yes please, let's stay away of convoluted and most times innecessary
mod_rewrite examples to do simpleton configurations.
If you are in virtualhost 80, you have specified servername correctly
and you just want to redirect to ssl, why not a single Redirect statement?
As Yann's refered document says:
Redirect / https://something.example.com/
Most people here knows this but there are gazillions web pages
refering to bad advice, duck and tape solutions and convolued ways of
using mod_rewrite for a simple redirection when placed in proper
context, we need to finish with that trend, and the best way is to
give simple, straight to the point examples "first".
The mod_rewrite example given,lets slice it out:
> RewriteCond %{HTTP_HOST} =www.example.com
Redirect / https://something.example.com/
There is no guessing here, no unnecessary directives and it's hard to
miss or confuse with other directives and the context where it resides
is crystal clear.
Later on, when things need to be complicated, then I guess we can use
"If" or "mod_rewrite", and recommend it as needed.
2017-02-18 19:38 GMT+01:00 Richard >:
> Date: Saturday, February 18, 2017 11:04:34 -0700
> From: James Moe mailto:ji...@sohnen-moe.com>>
>
> On 02/18/2017 05:08 AM, Rodrigo Cunha wrote:
>> i want redirect all request from port 80 to 443.
>> what is better setting for fix this?
>>
> Better than what?
> Fix? Is it broken?
>
> RewriteCond %{HTTP_HOST} =www.example.com
> RewriteCond %{SERVER_PORT} =80
> RewriteRule ^(.*)$ https://www.example.com/$1 [R]
Perhaps, better than using a "rewrite"? See the documentation
reference, given in an earlier post:
>
that has this as a specific example of when/why to use a "redirect"
rather than a "rewrite".
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
--
*Daniel Ferradal*
IT Specialist
email dferradal at gmail.com
linkedin es.linkedin.com/in/danielferradal
--
The Wellcome Trust Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.
Re: [users@httpd] redirect port from 80 to 443
Yes please, let's stay away of convoluted and most times innecessary
mod_rewrite examples to do simpleton configurations.
If you are in virtualhost 80, you have specified servername correctly and
you just want to redirect to ssl, why not a single Redirect statement?
As Yann's refered document says:
Redirect / https://something.example.com/
Most people here knows this but there are gazillions web pages refering to
bad advice, duck and tape solutions and convolued ways of using mod_rewrite
for a simple redirection when placed in proper context, we need to finish
with that trend, and the best way is to give simple, straight to the point
examples "first".
The mod_rewrite example given,lets slice it out:
> RewriteCond %{HTTP_HOST} =www.example.com
> RewriteCond %{SERVER_PORT} =80
> RewriteRule ^(.*)$ https://www.example.com/$1 [R]
This clearly assumes it is a generic recipe in a .htaccess somewhere which
can be read from a non-SSL virtualhost or non-SSL virtualhost (just to be
ignored).
1º It checks the host name, but why? if you have defined a VirtualHost with
that servername and there are no conflicts the request is already landing
there.
2º It checks for port 80. But we are redirecting to SSL, so we are already
on port 80, why check it?
3º Can be replaced with a Redirect as mentioned above.
So instead of giving out recipes for .htaccess thought out for an aging era
or shared virtualhosting, lets recommend the ideal virtualhost context
recipe first as Yann proposed earlier:
Define the virtualhost with the names you serve.
ServerName something.example.com
Redirect / https://something.example.com/
There is no guessing here, no unnecessary directives and it's hard to miss
or confuse with other directives and the context where it resides is
crystal clear.
Later on, when things need to be complicated, then I guess we can use "If"
or "mod_rewrite", and recommend it as needed.
2017-02-18 19:38 GMT+01:00 Richard :
>
>
> > Date: Saturday, February 18, 2017 11:04:34 -0700
> > From: James Moe
> >
> > On 02/18/2017 05:08 AM, Rodrigo Cunha wrote:
> >> i want redirect all request from port 80 to 443.
> >> what is better setting for fix this?
> >>
> > Better than what?
> > Fix? Is it broken?
> >
> > RewriteCond %{HTTP_HOST} =www.example.com
> > RewriteCond %{SERVER_PORT} =80
> > RewriteRule ^(.*)$ https://www.example.com/$1 [R]
>
> Perhaps, better than using a "rewrite"? See the documentation
> reference, given in an earlier post:
>
>
>
> that has this as a specific example of when/why to use a "redirect"
> rather than a "rewrite".
>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>
--
*Daniel Ferradal*
IT Specialist
email dferradal at gmail.com
linkedin es.linkedin.com/in/danielferradal
Re: [users@httpd] redirect port from 80 to 443
> Date: Saturday, February 18, 2017 11:04:34 -0700
> From: James Moe
>
> On 02/18/2017 05:08 AM, Rodrigo Cunha wrote:
>> i want redirect all request from port 80 to 443.
>> what is better setting for fix this?
>>
> Better than what?
> Fix? Is it broken?
>
> RewriteCond %{HTTP_HOST} =www.example.com
> RewriteCond %{SERVER_PORT} =80
> RewriteRule ^(.*)$ https://www.example.com/$1 [R]
Perhaps, better than using a "rewrite"? See the documentation
reference, given in an earlier post:
that has this as a specific example of when/why to use a "redirect"
rather than a "rewrite".
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] redirect port from 80 to 443
My redirect and my website is work in https port but my webserver not
display the styles maked in css.
Do you help-me?
2017-02-18 16:04 GMT-02:00 James Moe :
> On 02/18/2017 05:08 AM, Rodrigo Cunha wrote:
> > i want redirect all request from port 80 to 443.
> > what is better setting for fix this?
> >
> Better than what?
> Fix? Is it broken?
>
> RewriteCond %{HTTP_HOST} =www.example.com
> RewriteCond %{SERVER_PORT} =80
> RewriteRule ^(.*)$ https://www.example.com/$1 [R]
>
> --
> James Moe
> moe dot james at sohnen-moe dot com
> 520.743.3936
> Think.
>
>
--
Atenciosamente,
Rodrigo da Silva Cunha
São Gonçalo, RJ - Brasil
Re: [users@httpd] redirect port from 80 to 443
On 02/18/2017 05:08 AM, Rodrigo Cunha wrote:
> i want redirect all request from port 80 to 443.
> what is better setting for fix this?
>
Better than what?
Fix? Is it broken?
RewriteCond %{HTTP_HOST} =www.example.com
RewriteCond %{SERVER_PORT} =80
RewriteRule ^(.*)$ https://www.example.com/$1 [R]
--
James Moe
moe dot james at sohnen-moe dot com
520.743.3936
Think.
signature.asc
Description: OpenPGP digital signature
Re: [users@httpd] redirect port from 80 to 443
Hi, On Sat, Feb 18, 2017 at 1:08 PM, Rodrigo Cunha wrote: > Dears, i want redirect all request from port 80 to 443. > what is better setting for fix this? https://httpd.apache.org/docs/2.4/rewrite/avoid.html#redirect - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] redirect port from 80 to 443
Dears, i want redirect all request from port 80 to 443. what is better setting for fix this? -- Atenciosamente, Rodrigo da Silva Cunha São Gonçalo, RJ - Brasil
