The goal is to have access to a specific virtual host on port 80, to be
routed to port 443. Any other port 80 access is left as is.
So let us assume a server foo.bar.com and the specific virtual host is
webmail.bar.com
So I have tried:
<VirtualHost *:80>
ServerName webmail.bar.com
ServerAlias webmail
RewriteEngine On
ReWriteCond %{HTTP_HOST} =webmail.bar.com [NC]
RewriteCond %{SERVER_PORT} !=443
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
ExpiresDefault "access plus 10 years"
AddOutputFilterByType DEFLATE text/html text/plain text/xml
php_admin_flag session.cookie_secure "1"
</VirtualHost>
This rewrite is rewriting ALL connections to foo.bar.com. That first
ReWriteCond is not working.
Looking at this, the first thing I see 'wrong' with what I have done is:
<VirtualHost *:80>
That should probably be:
<VirtualHost webmail.bar.com:80>
But I would also like to 'help out' users that connect to
Webmail.bar.com
On 03/14/2017 02:28 AM, Nux! wrote:> Hello,
>
> a2ensite and co is Debian/ubuntu specific. On CentOS there is no such
thing.
>
> It's not clear to me what you are trying to achieve. Can you rephrase
so we can help?
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> ----- Original Message -----
>> From: "Robert Moskowitz" <rgm at htt-consult.com>
>> To: "CentOS mailing list" <centos at centos.org>
>> Sent: Tuesday, 14 March, 2017 01:31:08
>> Subject: [CentOS] httpd/sites-available directory
>> I just received some advice from a colleague of a colleague over at
>> openssl.org. But they use debian. Please look at this and help me out
>> on how Centos7 handles this:
>>
>> Note the comment of the location of virtualhost config files. Centos7
>> does not have a "man a2ensite".
>>
>> thanks
>>
>> Rewriterules and https. Actually, looking at what you have doesn't
>> really tell me why it gets applied to everything and not just the
>> webmail. However, I'd say that your roundcubemail.conf is much
>> overworked. We use something like that on openssl.org, but it
>> generally looks like this:
>>
>> <VirtualHost *:80>
>> ServerAdmin webmaster at localhost
>> ServerName ${HOSTNAME}
>> ServerAlias ${HOSTALIASES}
>>
>> Redirect permanent /https://${HOSTNAME}/
>> </VirtualHost>
>>
>> Since you already know that the host is correct and that's the port
80
>> virtualhost, there's no point testing that with those RewriteCond
you
>> have. Also, Redirect is faster and preferable to RewriteRule for this
>> kind of stuff, seehttps://httpd.apache.org/docs/2.4/rewrite/avoid.html
>>
>> Also, specifically for virtualhost config files, they should be
>> located in sites-available/ rather than conf.d/, see 'man
a2ensite'.
>> conf.d/ is older style configuration of general stuff... or well,
>> that's at least true for Debian, I'm not sure this is specific
for
>> Debian distributions and their derivates or if it's a native Apache
>> thing. You'll have to check the manuals to confirm.
>>
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
If all you want is a really fast redirect, then indeed what those people advised should work. NameVirtualHost IP:80 (you only need this on apache 2.2 and lower, not needed on CentOS7 which comes with apache 2.4) <VirtualHost IP:80> ServerName webmail.bar.com Redirect permanent / https://webmail.bar.com/ </virtualHost> -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ----- Original Message -----> From: "Robert Moskowitz" <rgm at htt-consult.com> > To: "CentOS mailing list" <centos at centos.org> > Sent: Tuesday, 14 March, 2017 18:53:49 > Subject: Re: [CentOS] httpd/sites-available directory> The goal is to have access to a specific virtual host on port 80, to be > routed to port 443. Any other port 80 access is left as is. > > So let us assume a server foo.bar.com and the specific virtual host is > webmail.bar.com > > So I have tried: > > <VirtualHost *:80> > ServerName webmail.bar.com > ServerAlias webmail > > RewriteEngine On > ReWriteCond %{HTTP_HOST} =webmail.bar.com [NC] > RewriteCond %{SERVER_PORT} !=443 > RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] > ExpiresDefault "access plus 10 years" > AddOutputFilterByType DEFLATE text/html text/plain text/xml > php_admin_flag session.cookie_secure "1" > > </VirtualHost> > > > This rewrite is rewriting ALL connections to foo.bar.com. That first > ReWriteCond is not working. > > Looking at this, the first thing I see 'wrong' with what I have done is: > > <VirtualHost *:80> > > That should probably be: > > <VirtualHost webmail.bar.com:80> > > But I would also like to 'help out' users that connect to Webmail.bar.com > > > On 03/14/2017 02:28 AM, Nux! wrote: >> Hello, >> >> a2ensite and co is Debian/ubuntu specific. On CentOS there is no such thing. >> >> It's not clear to me what you are trying to achieve. Can you rephrase so we can >> help? >> >> -- >> Sent from the Delta quadrant using Borg technology! >> >> Nux! >> www.nux.ro >> >> ----- Original Message ----- >>> From: "Robert Moskowitz" <rgm at htt-consult.com> >>> To: "CentOS mailing list" <centos at centos.org> >>> Sent: Tuesday, 14 March, 2017 01:31:08 >>> Subject: [CentOS] httpd/sites-available directory >>> I just received some advice from a colleague of a colleague over at >>> openssl.org. But they use debian. Please look at this and help me out >>> on how Centos7 handles this: >>> >>> Note the comment of the location of virtualhost config files. Centos7 >>> does not have a "man a2ensite". >>> >>> thanks >>> >>> Rewriterules and https. Actually, looking at what you have doesn't >>> really tell me why it gets applied to everything and not just the >>> webmail. However, I'd say that your roundcubemail.conf is much >>> overworked. We use something like that on openssl.org, but it >>> generally looks like this: >>> >>> <VirtualHost *:80> >>> ServerAdmin webmaster at localhost >>> ServerName ${HOSTNAME} >>> ServerAlias ${HOSTALIASES} >>> >>> Redirect permanent /https://${HOSTNAME}/ >>> </VirtualHost> >>> >>> Since you already know that the host is correct and that's the port 80 >>> virtualhost, there's no point testing that with those RewriteCond you >>> have. Also, Redirect is faster and preferable to RewriteRule for this >>> kind of stuff, seehttps://httpd.apache.org/docs/2.4/rewrite/avoid.html >>> >>> Also, specifically for virtualhost config files, they should be >>> located in sites-available/ rather than conf.d/, see 'man a2ensite'. >>> conf.d/ is older style configuration of general stuff... or well, >>> that's at least true for Debian, I'm not sure this is specific for >>> Debian distributions and their derivates or if it's a native Apache >>> thing. You'll have to check the manuals to confirm. >>> >>> >>> _______________________________________________ >>> CentOS mailing list >>> CentOS at centos.org >>> https://lists.centos.org/mailman/listinfo/centos >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> https://lists.centos.org/mailman/listinfo/centos >> > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos
I see I have some things to learn, or just maybe remember about virtualhosts: https://httpd.apache.org/docs/2.4/vhosts/examples.html "The asterisks match all addresses, so the main server serves no requests. Due to the fact that the virtual host with |ServerName www.example.com| is first in the configuration file, it has the highest priority and can be seen as the default or primary server. That means that if a request is received that does not match one of the specified |ServerName <https://httpd.apache.org/docs/2.4/mod/core.html#servername>| directives, it will be served by this first |<VirtualHost> <https://httpd.apache.org/docs/2.4/mod/core.html#virtualhost>|." This means I really should have a 00-init.conf file with: <VirtualHost *:80> ServerName foo.bar.com </virtualHost> I have not figured out yet if I need some default directory section within that. Also once you have virtualhost, it seems that every directory has to be in a virtual host envelope? thanks On 03/14/2017 12:38 PM, Nux! wrote:> If all you want is a really fast redirect, then indeed what those people advised should work. > > NameVirtualHost IP:80 (you only need this on apache 2.2 and lower, not needed on CentOS7 which comes with apache 2.4) > > <VirtualHost IP:80> > ServerName webmail.bar.com > Redirect permanent / https://webmail.bar.com/ > </virtualHost> > > -- > Sent from the Delta quadrant using Borg technology! > > Nux! > www.nux.ro > > ----- Original Message ----- >> From: "Robert Moskowitz" <rgm at htt-consult.com> >> To: "CentOS mailing list" <centos at centos.org> >> Sent: Tuesday, 14 March, 2017 18:53:49 >> Subject: Re: [CentOS] httpd/sites-available directory >> The goal is to have access to a specific virtual host on port 80, to be >> routed to port 443. Any other port 80 access is left as is. >> >> So let us assume a server foo.bar.com and the specific virtual host is >> webmail.bar.com >> >> So I have tried: >> >> <VirtualHost *:80> >> ServerName webmail.bar.com >> ServerAlias webmail >> >> RewriteEngine On >> ReWriteCond %{HTTP_HOST} =webmail.bar.com [NC] >> RewriteCond %{SERVER_PORT} !=443 >> RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] >> ExpiresDefault "access plus 10 years" >> AddOutputFilterByType DEFLATE text/html text/plain text/xml >> php_admin_flag session.cookie_secure "1" >> >> </VirtualHost> >> >> >> This rewrite is rewriting ALL connections to foo.bar.com. That first >> ReWriteCond is not working. >> >> Looking at this, the first thing I see 'wrong' with what I have done is: >> >> <VirtualHost *:80> >> >> That should probably be: >> >> <VirtualHost webmail.bar.com:80> >> >> But I would also like to 'help out' users that connect to Webmail.bar.com >> >> >> On 03/14/2017 02:28 AM, Nux! wrote: >>> Hello, >>> >>> a2ensite and co is Debian/ubuntu specific. On CentOS there is no such thing. >>> >>> It's not clear to me what you are trying to achieve. Can you rephrase so we can >>> help? >>> >>> -- >>> Sent from the Delta quadrant using Borg technology! >>> >>> Nux! >>> www.nux.ro >>> >>> ----- Original Message ----- >>>> From: "Robert Moskowitz" <rgm at htt-consult.com> >>>> To: "CentOS mailing list" <centos at centos.org> >>>> Sent: Tuesday, 14 March, 2017 01:31:08 >>>> Subject: [CentOS] httpd/sites-available directory >>>> I just received some advice from a colleague of a colleague over at >>>> openssl.org. But they use debian. Please look at this and help me out >>>> on how Centos7 handles this: >>>> >>>> Note the comment of the location of virtualhost config files. Centos7 >>>> does not have a "man a2ensite". >>>> >>>> thanks >>>> >>>> Rewriterules and https. Actually, looking at what you have doesn't >>>> really tell me why it gets applied to everything and not just the >>>> webmail. However, I'd say that your roundcubemail.conf is much >>>> overworked. We use something like that on openssl.org, but it >>>> generally looks like this: >>>> >>>> <VirtualHost *:80> >>>> ServerAdmin webmaster at localhost >>>> ServerName ${HOSTNAME} >>>> ServerAlias ${HOSTALIASES} >>>> >>>> Redirect permanent /https://${HOSTNAME}/ >>>> </VirtualHost> >>>> >>>> Since you already know that the host is correct and that's the port 80 >>>> virtualhost, there's no point testing that with those RewriteCond you >>>> have. Also, Redirect is faster and preferable to RewriteRule for this >>>> kind of stuff, seehttps://httpd.apache.org/docs/2.4/rewrite/avoid.html >>>> >>>> Also, specifically for virtualhost config files, they should be >>>> located in sites-available/ rather than conf.d/, see 'man a2ensite'. >>>> conf.d/ is older style configuration of general stuff... or well, >>>> that's at least true for Debian, I'm not sure this is specific for >>>> Debian distributions and their derivates or if it's a native Apache >>>> thing. You'll have to check the manuals to confirm. >>>> >>>> >>>> _______________________________________________ >>>> CentOS mailing list >>>> CentOS at centos.org >>>> https://lists.centos.org/mailman/listinfo/centos >>> _______________________________________________ >>> CentOS mailing list >>> CentOS at centos.org >>> https://lists.centos.org/mailman/listinfo/centos >>> >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> https://lists.centos.org/mailman/listinfo/centos > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >