HTTP to HTTPS redirect fails

Discussion in 'General' started by N3RVE, Mar 28, 2015.

  1. N3RVE

    N3RVE New Member

    I entered my SSL information via the SSL section in ISPConfig and used the following to enforce a HTTPS redirect:
    Code:
    RewriteEngine on
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] 
    I also tried using a .htaccess file with the content here.

    Content of associated vhost:
    Code:
    <Directory /var/www/arcube.com.ng>
            AllowOverride None
                    Require all denied
            </Directory>
    
    <VirtualHost 45.56.99.63:80>
                        DocumentRoot /var/www/arcube.com.ng/web
               
            ServerName arcube.com.ng
            ServerAlias www.arcube.com.ng
            ServerAdmin [email protected]
    
            ErrorLog /var/log/ispconfig/httpd/arcube.com.ng/error.log
    
    
            <IfModule mod_ssl.c>
            </IfModule>
    
            <Directory /var/www/arcube.com.ng/web>
                    # Clear PHP settings of this website
                    <FilesMatch ".+\.ph(p[345]?|t|tml)$">
                            SetHandler None
                    </FilesMatch>
                    Options +FollowSymLinks
                    AllowOverride All
                                    Require all granted
                            </Directory>
            <Directory /var/www/clients/client1/web5/web>
                    # Clear PHP settings of this website
                    <FilesMatch ".+\.ph(p[345]?|t|tml)$">
                            SetHandler None
                    </FilesMatch>
                    Options +FollowSymLinks
                    AllowOverride All
                                    Require all granted
                            </Directory>
    
    
    
    
            # php as fast-cgi enabled
        # For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
            <IfModule mod_fcgid.c>
                    IdleTimeout 300
                    ProcessLifeTime 3600
                    # MaxProcessCount 1000
                    DefaultMinClassProcessCount 0
                    DefaultMaxClassProcessCount 100
                    IPCConnectTimeout 3
                    IPCCommTimeout 600
                    BusyTimeout 3600
            </IfModule>
            <Directory /var/www/arcube.com.ng/web>
                    <FilesMatch "\.php[345]?$">
                        SetHandler fcgid-script
                    </FilesMatch>
                    FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php
                    FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php3
                    FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php4
                    FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php5
                    Options +ExecCGI
                    AllowOverride All
                                    Require all granted
                            </Directory>
            <Directory /var/www/clients/client1/web5/web>
                    <FilesMatch "\.php[345]?$">
                        SetHandler fcgid-script
                    </FilesMatch>
                    FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php
                    FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php3
                    FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php4
                    FCGIWrapper /var/www/php-fcgi-scripts/web5/.php-fcgi-starter .php5
                    Options +ExecCGI
                    AllowOverride All
                                    Require all granted
                            </Directory>
    
    
            # add support for apache mpm_itk
            <IfModule mpm_itk_module>
                AssignUserId web5 client1
            </IfModule>
    
            <IfModule mod_dav_fs.c>
            # Do not execute PHP files in webdav directory
                <Directory /var/www/clients/client1/web5/webdav>
                    <ifModule mod_security2.c>
                        SecRuleRemoveById 960015
                        SecRuleRemoveById 960032
                    </ifModule>
                    <FilesMatch "\.ph(p3?|tml)$">
                        SetHandler None
                    </FilesMatch>
                </Directory>
                DavLockDB /var/www/clients/client1/web5/tmp/DavLock
                # DO NOT REMOVE THE COMMENTS!
                # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
          # WEBDAV BEGIN
                # WEBDAV END
            </IfModule>
    
    
    </VirtualHost>
    I've also noticed that despite the HTTPS working, the vhost still contains :80 instead of :443. What am I doing wrong?
     
  2. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    With Apache you can use
    Code:
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    And donĀ“t forget to enable SSL for this site (and create the certificate).
     
    buffus likes this.
  3. N3RVE

    N3RVE New Member

    After placing that into the Apache Directives filed in ISPConfig, request to http/https do not work (the page doesn't load). The browser (Google Chrome) returns an error: "This webpage has a redirect loop".
    Removing the code from the Apache Directives field returns the site back to working other with both HTTP and HTTPS, with no redirect.
    This was the same problem I had using the redirect code above. Certificates have been installed from the SSL tab within ISPConfig and work when I manually put HTTPS into the browser.

    Update:
    After deleting the content in the Apache directives field, I switched to the redirect tab and inserted the full URL including https:// as the redirect path and tried both R,L and permanent. Nothing happened with permanent, R,L however caused the same issue with the redirect loop error.
     
    Last edited: Mar 29, 2015
  4. N3RVE

    N3RVE New Member

    It turned out that CloudFlare was responsible for the infinite redirect loop. I resulted to using Page Rules from CloudFlare to force a HTTPS redirect. Thanks for the help :)
     

Share This Page