2

I have configured a virtual host in Apache for serving content over SSL/TLS. Since I also want to allow other sites on my domain to use regular http, I have two document roots, one at /home/www/html and one at /home/www/html-ssl. I force SSL on my site with the following directives in a file in /etc/httpd/conf.d:

<Directory /home/www/html-ssl/foo>
    SSLOptions +StrictRequire
    SSLRequireSSL
    SSLRequire ( %{HTTP_HOST} eq "mydomain.com" )
    ErrorDocument 403 https://mydomain.com/foo
</Directory>

This redirects any requests for http://mydomain.com/foo/ to https://mydomain.com/foo/. However, when I try to access http://mydomain.com/foo without the trailing slash, Apache searches for foo in /home/www/html instead of in /home/www/html-ssl, causing a 404. Is there a way to tell Apache that http://mydomain.com/foo should really look for the directory foo in /home/www/html-ssl, and then redirect to the https site? I thought that since DirectorySlash is on, Apache would be able to figure out that foo is a directory, at which point it would see my <Directory> section above and work its magic.

Improve this question

3 Answers 3

Reset to default
2

An alternative fix would be to enforce the trailing slash on the end of your URLS - this would have the benefit of preventing duplicates if your not using Rel Canonical.

SOURCE

This will redirect all requests without a tailing / to the URL with the slash on the end. (note within the 2nd part of the bracket is those file extensions to ignore.. Since it wouldn't make sense to enforce / on a picture URL.

RewriteCond %{REQUEST_URI} !\.(php|html?|jpg|gif)$

RewriteRule ^(.*)([^/])$ http://%{HTTP_HOST}/$1$2/ [L,R=301]

Improve this answer
1
  • Thanks bybe, this looks like it will come in handy even if I don't use it for this particular issue. Commented Jun 18, 2013 at 22:23
0

Answering my own question. I'm not sure if this is the best solution, but I figured out how to do this using a combination of mod_rewrite and the <Directory> section I already had. Basically, any requests coming in on ports other than 443 were going to my non-SSL virtual host (duh), so Apache was mapping the URLs to files in the non-SSL document root (/home/www/html). If I rewrite all non-https requests for foo to https using mod_rewrite, the new requests will use port 443 and Apache can resolve to the correct directory:

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/foo [NC]
RewriteCond %{HTTP_HOST} ^mydomain.com?
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

<Directory /home/www/html-ssl/foo>
    SSLOptions +StrictRequire
    SSLRequireSSL
    SSLRequire ( %{HTTP_HOST} eq "mydomain.com" )
    ErrorDocument 403 https://mydomain.com/foo
</Directory>
Improve this answer
0

And yet another, simpler solution. Instead of using mod_rewrite, just create an alias mapping /foo to the correct directory:

Alias /foo /home/www/html-ssl/foo
<Directory /home/www/html-ssl/foo>
    SSLOptions +StrictRequire
    SSLRequireSSL
    SSLRequire ( %{HTTP_HOST} eq "mydomain.com" )
    ErrorDocument 403 https://mydomain.com/foo
</Directory>
Improve this answer

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.