Yoom Nguyen wrote: > I have this rewrite rule implemented and it will work fine if I access to > Apache > web server directly. But, if the traffic route to a load balancer (F5) then > to the Apache server > it won't work. The browser will trying to open the maintenance.html page and > nothing will display and > it won't give any error either.
> Here is what the load balancer F5 does, F5 perform a https server for the
> Apache server.
> So any traffic reply from Apache on port 80 will be display on port 443 on
> the end user's browser.
> Is there a way to change the RewriteCond or RewriteRule to accommodate the
> Https issues???
You basically have two options:
- You can change the RewriteRule to be a full URL so you end up with
something like
RewriteRule ^(.*)$ https://<hostname>/maintenance.html [R=302,NC,L]
Or, you can, in the F5 Big-IP, in the http profile you use on the
virtual server, you can set the "Redirect Rewrite" pulldown to either
"Matching" or "All"
The Redirect Rewrite in the F5 Big-IP will alter redirects being sent
back out from back-end servers (such as Apache in your case) that don't
know the connection really came in on an HTTPS connection so that the
scheme that is sent back for the Location: is https instead of plain http.
We use the http profile in the F5 Big-IP to do it, and it works great.
> The below syntax was recommended by Eric Covener? and it works for going
> direct to Apache but not going through
> the F5 load balancer.
>
>
> DocumentRoot /srv/www/maintenance/
>
> # Rewrite Rules
> RewriteEngine on
> RewriteCond %{REQUEST_URI} !=/maintenance.html
>
> # Apache log files and location
> ErrorLog /var/log/apache2/maintenance.error_log
> CustomLog /var/log/apache2/maintenance.access_log combined
>
> # Redirect rule
> RewriteRule ^(.*)$ /maintenance.html [R=302,NC,L]
>
> ######### Local server landing page #########################
> <Directory "/srv/www/maintenance/">
> Options None
> Order allow,deny
> Allow from all
> </Directory>
>
>
> Thanks much,
>
> Y
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> " from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
--
Jeff McAdams
"They that can give up essential liberty to obtain a
little temporary safety deserve neither liberty nor safety."
-- Benjamin Franklin
signature.asc
Description: OpenPGP digital signature
