Re: Redirect http to https --> was ->Re: [BugDB] Http redirected to https (PR#441)

[Owen Boyle]

RE: QUESTION FROM ADRIAN STOVALL

Hi Adrian,

I assume your problem is as follows:

- You have a normal HTTP site and an SSL site.
- A user in the HTTP site should click on a link and automatically be
redirected to the SSL site.
- The web-page in the HTTP site should *not* contain the explicit SSL
URL (e.g. https://whatever).
- This last requirement is what makes life difficult (by the way, if you
*don't* have that requirement, just explicitly link to https and you
don't need to rewrite!)

Try the following:

(1) Switch on logging; i.e. add the directives marked -->;

        RewriteEngine   on
-->     RewriteLog      logs/rewrite_log
-->     RewriteLogLevel 9
        RewriteRule     ...whatever the rule is...

Tail the logfile (i.e. # tail -f rewrite_log) while you try hits and see
what it is doing.
Also check the normal TransferLog.

(3) You need to rewrite a string in the HTTP site to turn it into a URL
which leads to the SSL site. Similarly, in the SSL directory, you need
to rewrite a URL to get back to the HTTP directory.

Look at this example:

(a) in the HTTP VirtualHost;

        DocumentRoot    /home/banana/html
        RewriteRule     ^/secure/(.*) https://www.banana.com/$1

(b) in the HTTP HTML docs;

        <a href=/secure/credit_card_form.html>This goes to the SSL
VirtualHost</a>

this gets rewritten like: 

/secure/credit_card_form.html -->
https://www.banana.com/credit_card_form.html

(c) in the SSL VirtualHost;

        DocumentRoot    /home/banana/html/secure_stuff
        RewriteRule     ^/http/(.*) http://www.banana.com/$1

(d) in SSL HTML docs;

        <a href=/http/plain_old_file.html>This goes back to good old
HTTP</a>

this gets rewritten like: 

/http/plain_old_file.html --> http://www.banana.com/plain_old_file.html

Note that the "http" and "secure" directories don't actually exist.
These are just tokens that the Rewrite engine parses and replaces with
the appropriate http:// or https:// URLs. Also note that the
DocumentRoots are different for the HTTP and SSL sites.

Best of Luck,

Owen Boyle.

-- 
SWX Swiss Exchange,  10 Cours de Rive, 1211 Geneve 3
--------------------------+-------------------------
Phone: +41 (0)22 849 5648 | Fax: +41 (0)22 849 5643
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]