I need to renew my letsencrypt certificate. For that, I need to disable the http to https redirect.
However I can't manage to to that.
I am running Apache und Raspbian. Here's my sites-available/000-default.conf:
<VirtualHost *:80>
ServerAdmin example#mail.com
DocumentRoot "/var/www/html/tennis/public"
DirectoryIndex index.php
<Directory /var/www/html/tennis/public>
Options All
AllowOverride All
Order Allow,Deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
#RewriteEngine on
#RewriteCond %{SERVER_NAME} = my.domain.com
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
I though commenting the last three lines out would solve the problem, however I still get an 301 redirect to https.
My .htaccess looks like this:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
#Header always edit Set-Cookie (.*) $1;Secure
Header always append X-Frame-Options DENY
#Header set Connection keep-alive
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
I can reach the website via http if I use the IP address, so I know that http is still working.
So I can't figure out on which point I still got the redirect to https. When installing the certificate the first time, I used the certbot to always redirect to https, may be it sets this redirect somewhere else?
Okay, this is not a problem from my side at all. My dyndns provider got an issue with his certificates and therefore this error occurs.
Related
Hi I am having a little problem after using permalinks wordpress, the https version of the site shows the Apache start page. On the http version, the site and all permalinks work fine. I also want to say that without using permalinks, the site on http and https works well. I am using CentOS 8
My .htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
My httpd.conf
IncludeOptional conf.d/*.conf
<VirtualHost *:443>
DocumentRoot "/var/www/wordpress"
ServerAlias www.example.com
<Directory "/var/www/wordpress">
allow from all
Options None
Require all granted
</Directory>
SSLEngine on
SSLProtocol +TLSv1.1 +TLSv1.2
SSLCertificateFile /var/ssls/cazzy_store.crt
SSLCertificateKeyFile /var/ssls/cazzy.key
SSLCACertificateFile /var/ssls/cazzy_store.ca-bundle
</VirtualHost>
I tried adding AllowOverride All ”to the <Directory” in my httpd.conf file but it didn't help
I solved the problem by adding this to my .htaccess file
<IfModule mod_rewrite.c>
RewriteEngine On
Options +FollowSymLinks
</IfModule>
I have a subdirectory (app) I want to access that is in the root folder of my wordpress site. I have looked here:
https://wordpress.stackexchange.com/questions/20152/cannot-access-non-wordpress-subdirectories-as-wordpress-overrides-them-with-a-40
I have tried the solutions and nothing worked.
I also tried adding a separate .htaccess file to the app subdirectory that looks like this:
DirectoryIndex index.php index.html index.htm
Options +Indexes
But it didn't seem to help:
The main .htaccess I am trying with now looks like this:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^/app/(.*)$ [OR]
RewriteRule ^.*$ - [L]
</IfModule>
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
I get a 404 error.
What am I doing wrong? If I am viewing the site on an iPhone, is clearing the safari history on the phone enough to refresh the data so it recognizes the new .htaccess? Thanks.
UPDATE
I added:
<Directory "/home/eamondev/public_html/subconscious/">
Options All
AllowOverride All
Require all granted
</Directory>
to a .conf file that gets Includeed in httpd.conf, restarted apache, but didn't help.
I also tried:
<Directory "/home/eamondev/public_html/subconscious/">
AllowOverride All
</Directory>
and it didn't work, I'm not sure if I only need AllowOverride All - either way this doesn't seem to help.
UPDATE
In a .conf file that is Included in httpd.conf, I tried:
<VirtualHost 162.241.180.99:80>
ServerName eamondev.com
DocumentRoot /home/eamondev/public_html
<Directory "/home/eamondev/public_html/">
AllowOverride All
</Directory>
</VirtualHost>
but it didn't help.
Is there any reason I shouldn't just make another subdomain on my server and host the files out of there so reaching them doesn't conflict with my wordpress site?
Use below code i think it will work.
<IfModule mod_rewrite.c>
RewriteEngine On
# Map http://www.example.com to /app.
RewriteRule ^$ /app/ [L]
# Map http://www.example.com/x to /app/x unless there is a x in the web root.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/app/
RewriteRule ^(.*)$ /app/$1
# Add trailing slash to directories within app
# This does not expose the internal URL.
RewriteCond %{SCRIPT_FILENAME} -d
RewriteRule ^app/(.*[^/])$ http://www.example.com/$1/ [R=301]
</IfModule>
Turns out, my domain hadn't propagated yet, so it wasn't possible to see/test any of the changes I was making. Before I realized that it was still propagating, I also thought to just create another subdomain and host the files I needed to from there.
I want to redirect non-www to www version of the website. I've redirected many sites but never had this problem. I have a typical WP installation on Apache/2.4.27 (Ubuntu) server.
I've placed the following code before # BEGIN WordPress
RewriteEngine on
RewriteCond %{HTTP_HOST} ^mywebsite.com [NC]
RewriteRule ^(.*)$ http://www.mywebsite.com/$1 [L,R=301,NC]
I also tried this with no results.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^mywebsite\.com [NC]
RewriteRule ^(.*)$ http://www.mywebsite.com/$1 [L,R=301]
</IfModule>
Everything I do, I get: FORBIDDEN - You don't have permission to access / on this server.
How to make this redirect to work? Is there something I should pay attention to on the server side?
Have you tried to modify httpd.conf?
RedirectPermanent is a good choice to replace .htaccess if not works.
example:
<VirtualHost *:80>
ServerName xy.example.com
RedirectPermanent / http://abc.example.com/
# optionally add an AccessLog directive for
# logging the requests and do some statistics
</VirtualHost>
Ok I know this hasn't been answered a lot, but I've been using a lot of various different solutions but none of them are working for me.
I'm trying to use mod_rewrite in my htaccess to redirect all www.domain.com to domain.com - standard enough.
The site is a wordpress site, and it's always worked for me without any problems using any of the following
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
Or
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.domain.com [nocase]
RewriteRule ^(.*) http://domain.com/$1 [last,redirect=301]
I've tried a few other ones as well but none seem to work!
It may also be worth bearing in mind the following are also in the htaccess from wordpress
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
I have also checked to see if mod_rewrite is even enabled and it appears to be based on the methods in tried here How to check if mod_rewrite is enabled in php? (Christian Roy's solution)
The server is a small droplet with Ubuntu 12.10 hosted with digital ocean if that helps? I followed this guide to ensure .htaccess was activated https://www.digitalocean.com/community/articles/how-to-use-the-htaccess-file (main change was changing AllowOveride to ALL)
Anyone any ideas? I'm lost at this stage!
Thanks
Updated htaccess file contents as requested
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^(.*)$ http://domain.com/$1 [R=301,L]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
**Updated with Virtual Host File **
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /home/wordpress/public_html
Servername domain.com
ServerAlias www.domain.com
<Directory /home/wordpress/public_html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
It will work but you need to make sure 2 things:
You place www removal rule as the first rule before regular WP rules.
Update WP permalink settings to have blog/home address as without www
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^(.*)$ http://domain.com/$1 [R=301,L]
should do it. As advised before, it should probably be done before WP-specific rewrites.
I got Mixed Content errors on wordpress site, after I set up automatic redirection from http to https on apache.
Mixed Content: The page at 'https://example.example.com/' was loaded over HTTPS, but requested an insecure stylesheet http://example.example.com/wp-content/uploads/elementor/css/post-2612.css?ver=1481615259'. This request has been blocked; the content must be served over HTTPS
I want to know if the problem with my htaccess / virtualhost or maybe with the code, css, etc..
My htaccess code looks like this:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
My VirtualHost looks like this:
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R=301,L]
ServerName example.example.com
ServerAdmin hostmaster#example.com
DocumentRoot /mnt/data/html1
ErrorLog /mnt/data/html1/example.example.com_error.log
CustomLog /mnt/data/html1/example.example.com_access_log combined env=!dontlog
</VirtualHost>
<VirtualHost _default_:443>
SSLEngine on
RewriteEngine On
RewriteCond %{HTTPS} on
SSLCertificateFile /etc/httpd/sites-available/crt.crt
SSLCertificateKeyFile /etc/httpd/sites-available/pem.pem
ServerName example.example.com
DocumentRoot /mnt/data/html1
ErrorLog /mnt/data/html1/example.example.com_error.log
CustomLog /mnt/data/html1/example.example.com_access_log combined env=!dontlog
</VirtualHost>
<Directory "/mnt/data/html1">
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /mnt/data/html1/.htpasswd
Require valid-user
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Tracking down and solving all mixed content issues can be annoying. Here's an excellent guide from google to methodically go through it.
https://developers.google.com/web/fundamentals/security/prevent-mixed-content/fixing-mixed-content
personally i have been using cloudflare's auto rewrite system at DNS level, which is completely turnkey and an excellent trick for the lazy.
Although chrome should identify the difference between content loaded via 3rd party (let's say you have JS vendor lib which is pulling in assets from somewhere, I understand this sometimes contributes to the warning, reviewing your network tab in browser will identify which outbound links are triggering the problem.