Of course, I see what's happening now, pound is seeing a request to https://site.com/login, decrypting the connection, sending it to http://site.com/login which is then redirecting the request back to https. therefore a loop.
ok, so what is the right way to tackle this problem? thanks mark. On Jan 15, 2013, at 10:58 AM, mark hardwick wrote: > Hi All, > I'm fairly new to both pound and apache configuration. I think the issue I'm > having is with pound configuration, but please excuse me if it's actually > apache. > > Ok, I want to configure my site so that if people head to > http://site.com/login they are redirected to https://site.com/login but, if > they try to browse to https://site.com/somewhere_else then they are > redirected to http://site.com/somewhere_else. > > I have installed my security certificate which is working. I can browse http > and https. > I have configured pound to deal with the http and https as follows: > > ListenHTTP > Address 91.187.69.155 > Port 80 > > Service > HeadRequire "(Host: flooting.com|Host: www.flooting.com)" > BackEnd > Address 192.168.0.2 > Port 80 > End > BackEnd > Address 192.168.0.3 > Port 80 > End > End > End > > ListenHTTPS > Address 91.187.69.155 > Port 443 > Cert "/etc/ssl/flooting.com.pem" > > Service > HeadRequire "(Host: flooting.com|Host: www.flooting.com)" > BackEnd > Address 192.168.0.2 > Port 80 > End > BackEnd > Address 192.168.0.3 > Port 80 > End > End > End > > > I have configured apache ReWrite rules as follows: > > RewriteEngine On > RewriteBase / > > # force https for /login and /register etc > RewriteCond %{HTTPS} =off > RewriteRule ^(login|register)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] > > # don't do anything for images/css/js (leave protocol as is) > RewriteRule \.(gif|jpe?g|png|css|js)$ - [NC,L] > > # force http for all other URLs > RewriteCond %{HTTPS} =on > RewriteCond %{REQUEST_URI} !^/(login|register|payment\/status|gopro)$ > RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] > > > However the configuration does not work. > It leads to a redirect loop error, which *appears* to be in pound. > I say that because if I browse to flooting.com/login, pound attempts to send > the request to /login about 10 times and then gives up. > At this point the browser responds with a "this webpage has a redirect loop" > error. there are no errors in the apache logs. > > I've tried get this working with just one backend webserver configured in > pound, however I still get a mail loop. > So, what am I doing wrong? Is this even remotely the correct approach to > this problem or is there a better way? > > Thanks for your help > Mark. > > > -- > To unsubscribe send an email with subject unsubscribe to [email protected]. > Please contact [email protected] for questions. -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
