Mailing List Archive

On Monday 12 October 2020 at 07:25:56, Jason Long wrote:

> Hello,
> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?

What do you mean by "forwarding", and what protocol (presumably either HTTP or
HTTPS) is being used by the client application which starts the connection
(ie: a web browser or equivalent)?

Please give more details about your question so that we have a better idea
what the correct answer might be.


Antony.

--
Numerous psychological studies over the years have demonstrated that the
majority of people genuinely believe they are not like the majority of people.

Please reply to the list;
please *don't* CC me.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Thank you.
I want when a user enter my server IP address in his\her browser then it forward to "https://mywebsite.com".






On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone <antony.stone@apache.open.source.it> wrote:





On Monday 12 October 2020 at 07:25:56, Jason Long wrote:

> Hello,
> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?

What do you mean by "forwarding", and what protocol (presumably either HTTP or
HTTPS) is being used by the client application which starts the connection
(ie: a web browser or equivalent)?

Please give more details about your question so that we have a better idea
what the correct answer might be.


Antony.

--
Numerous psychological studies over the years have demonstrated that the
majority of people genuinely believe they are not like the majority of people.

                                                  Please reply to the list;
                                                        please *don't* CC me.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Yes - with Apache you put a default virtual host which redirects all traffic to your https server

<VirtualHost *:80>
RequestHeader unset X-is-ssl
<Location />
<Limit OPTIONS>
Require all denied
</Limit>
Require all granted
</Location>
ProxyPreserveHost on
RewriteEngine on
RewriteRule ^(.*)$ https://myservername.com%{REQUEST_URI} [R=permanent,L,NE]
</VirtualHost>

You can do something for 443 as well.

-----Original Message-----
From: Jason Long <hack3rcon@yahoo.com.INVALID>
Sent: 12 October 2020 14:10
To: users@httpd.apache.org
Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

Thank you.
I want when a user enter my server IP address in his\her browser then it forward to "https://urldefense.proofpoint.com/v2/url?u=https-3A__mywebsite.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=rK8vCBmQ5CHbZU9JjXzRNDNz8RofAv82ZlfXjYIEtgY&s=rt4c_6jtMKJiE15dKtx138HTXgpDRMPcmCGbZ0yYwZk&e= ".






On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone <antony.stone@apache.open.source.it> wrote:





On Monday 12 October 2020 at 07:25:56, Jason Long wrote:

> Hello,
> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?

What do you mean by "forwarding", and what protocol (presumably either HTTP or
HTTPS) is being used by the client application which starts the connection
(ie: a web browser or equivalent)?

Please give more details about your question so that we have a better idea what the correct answer might be.


Antony.

--
Numerous psychological studies over the years have demonstrated that the
majority of people genuinely believe they are not like the majority of people.

                                                  Please reply to the list;
                                                        please *don't* CC me.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




--
The Wellcome Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.???????????????????????????????????????????????????????????????????????F?V?7V'67&?&R?R???âW6W'2?V?7V'67&?&T?GGB?6?R??&p?f?"FF?F????6????G2?R???âW6W'2?V??GGB?6?R??&p

On 10/12/2020 9:09 AM, Jason Long wrote:
> Thank you.
> I want when a user enter my server IP address in his\her browser then it forward to "https://mywebsite.com".

Most users will not enter an IP address, but rather a domain name. For
those that enter a domain name (https://mywebstie.com) first DNS is
involved to resolve the domain name to an IP address.

For the most part, along with possible forward or reverse proxies... the
client browser is then in communication with your mywebsite.com web
server using SSL over the http protocol.

Jim


>
>
>
>
>
>
> On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone <antony.stone@apache.open.source.it> wrote:
>
>
>
>
>
> On Monday 12 October 2020 at 07:25:56, Jason Long wrote:
>
>> Hello,
>> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?
> What do you mean by "forwarding", and what protocol (presumably either HTTP or
> HTTPS) is being used by the client application which starts the connection
> (ie: a web browser or equivalent)?
>
> Please give more details about your question so that we have a better idea
> what the correct answer might be.
>
>
> Antony.
>



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Thank you.
I added that lines to my Virtual Host file but it show me "Your connection is not private".






On Monday, October 12, 2020, 05:16:27 PM GMT+3:30, James Smith <js5@sanger.ac.uk> wrote:





Yes - with Apache you put a default virtual host which redirects all traffic to your https server

<VirtualHost *:80>
  RequestHeader unset X-is-ssl
  <Location />
    <Limit OPTIONS>
      Require all denied
    </Limit>
    Require all granted
  </Location>
  ProxyPreserveHost on
  RewriteEngine    on
  RewriteRule      ^(.*)$ https://myservername.com%{REQUEST_URI} [R=permanent,L,NE]
</VirtualHost>

You can do something for 443 as well.

-----Original Message-----
From: Jason Long <hack3rcon@yahoo.com.INVALID>
Sent: 12 October 2020 14:10
To: users@httpd.apache.org
Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

Thank you.
I want when a user enter my server IP address in his\her browser then it forward to "https://urldefense.proofpoint.com/v2/url?u=https-3A__mywebsite.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=rK8vCBmQ5CHbZU9JjXzRNDNz8RofAv82ZlfXjYIEtgY&s=rt4c_6jtMKJiE15dKtx138HTXgpDRMPcmCGbZ0yYwZk&e= ".






On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone <antony.stone@apache.open.source.it> wrote:





On Monday 12 October 2020 at 07:25:56, Jason Long wrote:

> Hello,
> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?

What do you mean by "forwarding", and what protocol (presumably either HTTP or
HTTPS) is being used by the client application which starts the connection
(ie: a web browser or equivalent)?

Please give more details about your question so that we have a better idea what the correct answer might be.


Antony.

--
Numerous psychological studies over the years have demonstrated that the
majority of people genuinely believe they are not like the majority of people.

                                                  Please reply to the list;
                                                        please *don't* CC me.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org





--
The Wellcome Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE. ???????????????????????????????????????????????????????????????????????F?V?7V'67&?&R?R???âW6W'2?V?7V'67&?&T?GGB?6?R??&p?f?"FF?F????6????G2?R???âW6W'2?V??GGB?6?R??&p?

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

I would take a step back. The approach stated below is not only
convoluted, but ignores the existing configuration.

First, run apachectl -S to see what your existing vhosts are set up as.

Then, from the default (first) vhost, you simply need a ServerName
directive, and Redirect. The former is required for name-based vhosts:

<VirtualHost *:80>
ServerName defaultvhost
Redirect / https://hostname.tld/
</VirtualHost>

If you don't want to use your existing first vhost as a default for
http://ip/ requests, define another.

On 12/10/20 10:26 AM, Jason Long wrote:
> Thank you.
> I added that lines to my Virtual Host file but it show me "Your connection is not private".
>
>
>
>
>
>
> On Monday, October 12, 2020, 05:16:27 PM GMT+3:30, James Smith <js5@sanger.ac.uk> wrote:
>
>
>
>
>
> Yes - with Apache you put a default virtual host which redirects all traffic to your https server
>
> <VirtualHost *:80>
> RequestHeader unset X-is-ssl
> <Location />
> <Limit OPTIONS>
> Require all denied
> </Limit>
> Require all granted
> </Location>
> ProxyPreserveHost on
> RewriteEngine on
> RewriteRule ^(.*)$ https://myservername.com%{REQUEST_URI} [R=permanent,L,NE]
> </VirtualHost>
>
> You can do something for 443 as well.
>
> -----Original Message-----
> From: Jason Long <hack3rcon@yahoo.com.INVALID>
> Sent: 12 October 2020 14:10
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>
> Thank you.
> I want when a user enter my server IP address in his\her browser then it forward to "https://urldefense.proofpoint.com/v2/url?u=https-3A__mywebsite.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=rK8vCBmQ5CHbZU9JjXzRNDNz8RofAv82ZlfXjYIEtgY&s=rt4c_6jtMKJiE15dKtx138HTXgpDRMPcmCGbZ0yYwZk&e= ".
>
>
>
>
>
>
> On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone <antony.stone@apache.open.source.it> wrote:
>
>
>
>
>
> On Monday 12 October 2020 at 07:25:56, Jason Long wrote:
>
>> Hello,
>> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?
>
> What do you mean by "forwarding", and what protocol (presumably either HTTP or
> HTTPS) is being used by the client application which starts the connection
> (ie: a web browser or equivalent)?
>
> Please give more details about your question so that we have a better idea what the correct answer might be.
>
>
> Antony.
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

# apachectl -S
#

My Virtual Host configuration is:

<VirtualHost *:80>
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
ServerAdmin root@localhost
ServerName www.example.com
ServerAlias www.example.com
DocumentRoot /var/www/wp
<Directory "/var/www/wp">
Options Indexes FollowSymLinks
AllowOverride all
Require all granted
</Directory>
ErrorLog /var/log/httpd/wordpress_error.log
CustomLog /var/log/httpd/wordpress_access.log common
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com [OR]
RewriteCond %{SERVER_NAME} =www.example.com [OR]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
Redirect permanent / https://www.example.com
</VirtualHost>







On Monday, October 12, 2020, 06:06:32 PM GMT+3:30, Frank <thumbs@apache.org> wrote:





I would take a step back. The approach stated below is not only
convoluted, but ignores the existing configuration.

First, run apachectl -S to see what your existing vhosts are set up as.

Then, from the default (first) vhost, you simply need a ServerName
directive, and Redirect. The former is required for name-based vhosts:

<VirtualHost *:80>
ServerName defaultvhost
Redirect / https://hostname.tld/
</VirtualHost>

If you don't want to use your existing first vhost as a default for
http://ip/ requests, define another.

On 12/10/20 10:26 AM, Jason Long wrote:
> Thank you.
> I added that lines to my Virtual Host file but it show me "Your connection is not private".
>
>
>
>
>
>
> On Monday, October 12, 2020, 05:16:27 PM GMT+3:30, James Smith <js5@sanger.ac.uk> wrote:
>
>
>
>
>
> Yes - with Apache you put a default virtual host which redirects all traffic to your https server
>
> <VirtualHost *:80>
>  RequestHeader unset X-is-ssl
>  <Location />
>    <Limit OPTIONS>
>      Require all denied
>    </Limit>
>    Require all granted
>  </Location>
>  ProxyPreserveHost on
>  RewriteEngine    on
>  RewriteRule      ^(.*)$ https://myservername.com%{REQUEST_URI} [R=permanent,L,NE]
> </VirtualHost>
>
> You can do something for 443 as well.
>
> -----Original Message-----
> From: Jason Long <hack3rcon@yahoo.com.INVALID>
> Sent: 12 October 2020 14:10
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>
> Thank you.
> I want when a user enter my server IP address in his\her browser then it forward to "https://urldefense.proofpoint.com/v2/url?u=https-3A__mywebsite.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=rK8vCBmQ5CHbZU9JjXzRNDNz8RofAv82ZlfXjYIEtgY&s=rt4c_6jtMKJiE15dKtx138HTXgpDRMPcmCGbZ0yYwZk&e= ".
>
>
>
>
>
>
> On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone <antony.stone@apache.open.source.it> wrote:
>
>
>
>
>
> On Monday 12 October 2020 at 07:25:56, Jason Long wrote:
>
>> Hello,
>> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?
>
> What do you mean by "forwarding", and what protocol (presumably either HTTP or
> HTTPS) is being used by the client application which starts the connection
> (ie: a web browser or equivalent)?
>
> Please give more details about your question so that we have a better idea what the correct answer might be.
>
>
> Antony.
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Always match the trailing slashes when redirecting.

On 12/10/20 10:43 AM, Jason Long wrote:
> # apachectl -S
> #
>
> My Virtual Host configuration is:
>
> <VirtualHost *:80>
> Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
> ServerAdmin root@localhost
> ServerName www.example.com
> ServerAlias www.example.com
> DocumentRoot /var/www/wp
> <Directory "/var/www/wp">
> Options Indexes FollowSymLinks
> AllowOverride all
> Require all granted
> </Directory>
> ErrorLog /var/log/httpd/wordpress_error.log
> CustomLog /var/log/httpd/wordpress_access.log common
> RewriteEngine on
> RewriteCond %{SERVER_NAME} =example.com [OR]
> RewriteCond %{SERVER_NAME} =www.example.com [OR]
> RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
> Redirect permanent / https://www.example.com
> </VirtualHost>
>
>
>
>
>
>
>
> On Monday, October 12, 2020, 06:06:32 PM GMT+3:30, Frank <thumbs@apache.org> wrote:
>
>
>
>
>
> I would take a step back. The approach stated below is not only
> convoluted, but ignores the existing configuration.
>
> First, run apachectl -S to see what your existing vhosts are set up as.
>
> Then, from the default (first) vhost, you simply need a ServerName
> directive, and Redirect. The former is required for name-based vhosts:
>
> <VirtualHost *:80>
> ServerName defaultvhost
> Redirect / https://hostname.tld/
> </VirtualHost>
>
> If you don't want to use your existing first vhost as a default for
> http://ip/ requests, define another.
>
> On 12/10/20 10:26 AM, Jason Long wrote:
>> Thank you.
>> I added that lines to my Virtual Host file but it show me "Your connection is not private".
>>
>>
>>
>>
>>
>>
>> On Monday, October 12, 2020, 05:16:27 PM GMT+3:30, James Smith <js5@sanger.ac.uk> wrote:
>>
>>
>>
>>
>>
>> Yes - with Apache you put a default virtual host which redirects all traffic to your https server
>>
>> <VirtualHost *:80>
>> RequestHeader unset X-is-ssl
>> <Location />
>> <Limit OPTIONS>
>> Require all denied
>> </Limit>
>> Require all granted
>> </Location>
>> ProxyPreserveHost on
>> RewriteEngine on
>> RewriteRule ^(.*)$ https://myservername.com%{REQUEST_URI} [R=permanent,L,NE]
>> </VirtualHost>
>>
>> You can do something for 443 as well.
>>
>> -----Original Message-----
>> From: Jason Long <hack3rcon@yahoo.com.INVALID>
>> Sent: 12 October 2020 14:10
>> To: users@httpd.apache.org
>> Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>>
>> Thank you.
>> I want when a user enter my server IP address in his\her browser then it forward to "https://urldefense.proofpoint.com/v2/url?u=https-3A__mywebsite.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=rK8vCBmQ5CHbZU9JjXzRNDNz8RofAv82ZlfXjYIEtgY&s=rt4c_6jtMKJiE15dKtx138HTXgpDRMPcmCGbZ0yYwZk&e= ".
>>
>>
>>
>>
>>
>>
>> On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone <antony.stone@apache.open.source.it> wrote:
>>
>>
>>
>>
>>
>> On Monday 12 October 2020 at 07:25:56, Jason Long wrote:
>>
>>> Hello,
>>> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?
>>
>> What do you mean by "forwarding", and what protocol (presumably either HTTP or
>> HTTPS) is being used by the client application which starts the connection
>> (ie: a web browser or equivalent)?
>>
>> Please give more details about your question so that we have a better idea what the correct answer might be.
>>
>>
>> Antony.
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Excuse me, How?






On Monday, October 12, 2020, 06:29:38 PM GMT+3:30, Frank Gingras <francois.gingras@gmail.com> wrote:





Always match the trailing slashes when redirecting.

On 12/10/20 10:43 AM, Jason Long wrote:
> # apachectl -S
> #
>
> My Virtual Host configuration is:
>
> <VirtualHost *:80>
> Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
> ServerAdmin root@localhost
> ServerName www.example.com
> ServerAlias www.example.com
> DocumentRoot /var/www/wp
> <Directory "/var/www/wp">
> Options Indexes FollowSymLinks
> AllowOverride all
> Require all granted
> </Directory>
> ErrorLog /var/log/httpd/wordpress_error.log
> CustomLog /var/log/httpd/wordpress_access.log common
> RewriteEngine on
> RewriteCond %{SERVER_NAME} =example.com [OR]
> RewriteCond %{SERVER_NAME} =www.example.com [OR]
> RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
> Redirect permanent / https://www.example.com
> </VirtualHost>
>
>
>
>
>
>
>
> On Monday, October 12, 2020, 06:06:32 PM GMT+3:30, Frank <thumbs@apache.org> wrote:
>
>
>
>
>
> I would take a step back. The approach stated below is not only
> convoluted, but ignores the existing configuration.
>
> First, run apachectl -S to see what your existing vhosts are set up as.
>
> Then, from the default (first) vhost, you simply need a ServerName
> directive, and Redirect. The former is required for name-based vhosts:
>
> <VirtualHost *:80>
> ServerName defaultvhost
> Redirect / https://hostname.tld/
> </VirtualHost>
>
> If you don't want to use your existing first vhost as a default for
> http://ip/ requests, define another.
>
> On 12/10/20 10:26 AM, Jason Long wrote:
>> Thank you.
>> I added that lines to my Virtual Host file but it show me "Your connection is not private".
>>
>>
>>
>>
>>
>>
>> On Monday, October 12, 2020, 05:16:27 PM GMT+3:30, James Smith <js5@sanger.ac.uk> wrote:
>>
>>
>>
>>
>>
>> Yes - with Apache you put a default virtual host which redirects all traffic to your https server
>>
>> <VirtualHost *:80>
>>  RequestHeader unset X-is-ssl
>>  <Location />
>>    <Limit OPTIONS>
>>      Require all denied
>>    </Limit>
>>    Require all granted
>>  </Location>
>>  ProxyPreserveHost on
>>  RewriteEngine    on
>>  RewriteRule      ^(.*)$ https://myservername.com%{REQUEST_URI} [R=permanent,L,NE]
>> </VirtualHost>
>>
>> You can do something for 443 as well.
>>
>> -----Original Message-----
>> From: Jason Long <hack3rcon@yahoo.com.INVALID>
>> Sent: 12 October 2020 14:10
>> To: users@httpd.apache.org
>> Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>>
>> Thank you.
>> I want when a user enter my server IP address in his\her browser then it forward to "https://urldefense.proofpoint.com/v2/url?u=https-3A__mywebsite.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=rK8vCBmQ5CHbZU9JjXzRNDNz8RofAv82ZlfXjYIEtgY&s=rt4c_6jtMKJiE15dKtx138HTXgpDRMPcmCGbZ0yYwZk&e= ".
>>
>>
>>
>>
>>
>>
>> On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone <antony.stone@apache.open.source.it> wrote:
>>
>>
>>
>>
>>
>> On Monday 12 October 2020 at 07:25:56, Jason Long wrote:
>>
>>> Hello,
>>> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?
>>
>> What do you mean by "forwarding", and what protocol (presumably either HTTP or
>> HTTPS) is being used by the client application which starts the connection
>> (ie: a web browser or equivalent)?
>>
>> Please give more details about your question so that we have a better idea what the correct answer might be.
>>
>>
>> Antony.
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org

>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

You can compare my redirect directive with yours. There is a subtle
difference.

Also, you don't need a documentroot in a vhost if you redirect every
request.

On 12/10/20 11:02 AM, Jason Long wrote:
> Excuse me, How?
>
>
>
>
>
>
> On Monday, October 12, 2020, 06:29:38 PM GMT+3:30, Frank Gingras <francois.gingras@gmail.com> wrote:
>
>
>
>
>
> Always match the trailing slashes when redirecting.
>
> On 12/10/20 10:43 AM, Jason Long wrote:
>> # apachectl -S
>> #
>>
>> My Virtual Host configuration is:
>>
>> <VirtualHost *:80>
>> Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
>> ServerAdmin root@localhost
>> ServerName www.example.com
>> ServerAlias www.example.com
>> DocumentRoot /var/www/wp
>> <Directory "/var/www/wp">
>> Options Indexes FollowSymLinks
>> AllowOverride all
>> Require all granted
>> </Directory>
>> ErrorLog /var/log/httpd/wordpress_error.log
>> CustomLog /var/log/httpd/wordpress_access.log common
>> RewriteEngine on
>> RewriteCond %{SERVER_NAME} =example.com [OR]
>> RewriteCond %{SERVER_NAME} =www.example.com [OR]
>> RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
>> Redirect permanent / https://www.example.com
>> </VirtualHost>
>>
>>
>>
>>
>>
>>
>>
>> On Monday, October 12, 2020, 06:06:32 PM GMT+3:30, Frank <thumbs@apache.org> wrote:
>>
>>
>>
>>
>>
>> I would take a step back. The approach stated below is not only
>> convoluted, but ignores the existing configuration.
>>
>> First, run apachectl -S to see what your existing vhosts are set up as.
>>
>> Then, from the default (first) vhost, you simply need a ServerName
>> directive, and Redirect. The former is required for name-based vhosts:
>>
>> <VirtualHost *:80>
>> ServerName defaultvhost
>> Redirect / https://hostname.tld/
>> </VirtualHost>
>>
>> If you don't want to use your existing first vhost as a default for
>> http://ip/ requests, define another.
>>
>> On 12/10/20 10:26 AM, Jason Long wrote:
>>> Thank you.
>>> I added that lines to my Virtual Host file but it show me "Your connection is not private".
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Monday, October 12, 2020, 05:16:27 PM GMT+3:30, James Smith <js5@sanger.ac.uk> wrote:
>>>
>>>
>>>
>>>
>>>
>>> Yes - with Apache you put a default virtual host which redirects all traffic to your https server
>>>
>>> <VirtualHost *:80>
>>> RequestHeader unset X-is-ssl
>>> <Location />
>>> <Limit OPTIONS>
>>> Require all denied
>>> </Limit>
>>> Require all granted
>>> </Location>
>>> ProxyPreserveHost on
>>> RewriteEngine on
>>> RewriteRule ^(.*)$ https://myservername.com%{REQUEST_URI} [R=permanent,L,NE]
>>> </VirtualHost>
>>>
>>> You can do something for 443 as well.
>>>
>>> -----Original Message-----
>>> From: Jason Long <hack3rcon@yahoo.com.INVALID>
>>> Sent: 12 October 2020 14:10
>>> To: users@httpd.apache.org
>>> Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>>>
>>> Thank you.
>>> I want when a user enter my server IP address in his\her browser then it forward to "https://urldefense.proofpoint.com/v2/url?u=https-3A__mywebsite.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=rK8vCBmQ5CHbZU9JjXzRNDNz8RofAv82ZlfXjYIEtgY&s=rt4c_6jtMKJiE15dKtx138HTXgpDRMPcmCGbZ0yYwZk&e= ".
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone <antony.stone@apache.open.source.it> wrote:
>>>
>>>
>>>
>>>
>>>
>>> On Monday 12 October 2020 at 07:25:56, Jason Long wrote:
>>>
>>>> Hello,
>>>> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?
>>>
>>> What do you mean by "forwarding", and what protocol (presumably either HTTP or
>>> HTTPS) is being used by the client application which starts the connection
>>> (ie: a web browser or equivalent)?
>>>
>>> Please give more details about your question so that we have a better idea what the correct answer might be.
>>>
>>>
>>> Antony.
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

You used "Redirect / https://hostname.tld/" and I'm using "Redirect permanent / https://www.example.com". I have a "permanent" word.
I






On Monday, October 12, 2020, 06:40:00 PM GMT+3:30, Frank <thumbs@apache.org> wrote:





You can compare my redirect directive with yours. There is a subtle
difference.

Also, you don't need a documentroot in a vhost if you redirect every
request.

On 12/10/20 11:02 AM, Jason Long wrote:
> Excuse me, How?
>
>
>
>
>
>
> On Monday, October 12, 2020, 06:29:38 PM GMT+3:30, Frank Gingras <francois.gingras@gmail.com> wrote:
>
>
>
>
>
> Always match the trailing slashes when redirecting.
>
> On 12/10/20 10:43 AM, Jason Long wrote:
>> # apachectl -S
>> #
>>
>> My Virtual Host configuration is:
>>
>> <VirtualHost *:80>
>> Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
>> ServerAdmin root@localhost
>> ServerName www.example.com
>> ServerAlias www.example.com
>> DocumentRoot /var/www/wp
>> <Directory "/var/www/wp">
>> Options Indexes FollowSymLinks
>> AllowOverride all
>> Require all granted
>> </Directory>
>> ErrorLog /var/log/httpd/wordpress_error.log
>> CustomLog /var/log/httpd/wordpress_access.log common
>> RewriteEngine on
>> RewriteCond %{SERVER_NAME} =example.com [OR]
>> RewriteCond %{SERVER_NAME} =www.example.com [OR]
>> RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
>> Redirect permanent / https://www.example.com
>> </VirtualHost>
>>
>>
>>
>>
>>
>>
>>
>> On Monday, October 12, 2020, 06:06:32 PM GMT+3:30, Frank <thumbs@apache.org> wrote:
>>
>>
>>
>>
>>
>> I would take a step back. The approach stated below is not only
>> convoluted, but ignores the existing configuration.
>>
>> First, run apachectl -S to see what your existing vhosts are set up as.
>>
>> Then, from the default (first) vhost, you simply need a ServerName
>> directive, and Redirect. The former is required for name-based vhosts:
>>
>> <VirtualHost *:80>
>> ServerName defaultvhost
>> Redirect / https://hostname.tld/
>> </VirtualHost>
>>
>> If you don't want to use your existing first vhost as a default for
>> http://ip/ requests, define another.
>>
>> On 12/10/20 10:26 AM, Jason Long wrote:
>>> Thank you.
>>> I added that lines to my Virtual Host file but it show me "Your connection is not private".
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Monday, October 12, 2020, 05:16:27 PM GMT+3:30, James Smith <js5@sanger.ac.uk> wrote:
>>>
>>>
>>>
>>>
>>>
>>> Yes - with Apache you put a default virtual host which redirects all traffic to your https server
>>>
>>> <VirtualHost *:80>
>>>  RequestHeader unset X-is-ssl
>>>  <Location />
>>>    <Limit OPTIONS>
>>>      Require all denied
>>>    </Limit>
>>>    Require all granted
>>>  </Location>
>>>  ProxyPreserveHost on
>>>  RewriteEngine    on
>>>  RewriteRule      ^(.*)$ https://myservername.com%{REQUEST_URI} [R=permanent,L,NE]
>>> </VirtualHost>
>>>
>>> You can do something for 443 as well.
>>>
>>> -----Original Message-----
>>> From: Jason Long <hack3rcon@yahoo.com.INVALID>
>>> Sent: 12 October 2020 14:10
>>> To: users@httpd.apache.org
>>> Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>>>
>>> Thank you.
>>> I want when a user enter my server IP address in his\her browser then it forward to "https://urldefense.proofpoint.com/v2/url?u=https-3A__mywebsite.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=rK8vCBmQ5CHbZU9JjXzRNDNz8RofAv82ZlfXjYIEtgY&s=rt4c_6jtMKJiE15dKtx138HTXgpDRMPcmCGbZ0yYwZk&e= ".
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone <antony.stone@apache.open.source.it> wrote:
>>>
>>>
>>>
>>>
>>>
>>> On Monday 12 October 2020 at 07:25:56, Jason Long wrote:
>>>
>>>> Hello,
>>>> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?
>>>
>>> What do you mean by "forwarding", and what protocol (presumably either HTTP or
>>> HTTPS) is being used by the client application which starts the connection
>>> (ie: a web browser or equivalent)?
>>>
>>> Please give more details about your question so that we have a better idea what the correct answer might be.
>>>
>>>
>>> Antony.
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org

>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident...

## Port 80 && 443 default configs...

<VirtualHost *:80>
RequestHeader unset X-is-ssl
RewriteEngine on
RewriteRule ^(.*)$ https://www.mydomain.com%{REQUEST_URI} [R=permanent,L,NE]
</VirtualHost>

<VirtualHost *:443>
RewriteEngine on
RewriteRule ^(.*)$ https://www.mydomain.com/%{REQUEST_URI} [R,L,NE]
</VirtualHost>

## Port 443 default - this is our main server...... so your main apache config stuff should be in here with SSL configured correctly..

<VirtualHost *:443>
ServerName www.mydomain.com
...
...
...
...
...
</VirtualHost>

If you have more than one domain then you will need to add rules on port 80 to preserve the hostname & also blocks for each additional domain



--
The Wellcome Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

I mentioned slashes. Look at yours, and mine.

On 12/10/20 11:22 AM, Jason Long wrote:
> You used "Redirect / https://hostname.tld/" <https://hostname.tld/> and
> I'm using "Redirect permanent / https://www.example.com".
> <https://www.example.com> I have a "permanent" word.
>
> I
>
>
>
>
>
>
>
> On Monday, October 12, 2020, 06:40:00 PM GMT+3:30, Frank
> <thumbs@apache.org> wrote:
>
>
>
>
>
> You can compare my redirect directive with yours. There is a subtle
> difference.
>
> Also, you don't need a documentroot in a vhost if you redirect every
> request.
>
> On 12/10/20 11:02 AM, Jason Long wrote:
>> Excuse me, How?
>>
>>
>>
>>
>>
>>
>> On Monday, October 12, 2020, 06:29:38 PM GMT+3:30, Frank Gingras
> <francois.gingras@gmail.com> wrote:
>>
>>
>>
>>
>>
>> Always match the trailing slashes when redirecting.
>>
>> On 12/10/20 10:43 AM, Jason Long wrote:
>>> # apachectl -S
>>> #
>>>
>>> My Virtual Host configuration is:
>>>
>>> <VirtualHost *:80>
>>> Header always set Strict-Transport-Security "max-age=63072000;
> includeSubdomains; preload"
>>> ServerAdmin root@localhost
>>> ServerName www.example.com
>>> ServerAlias www.example.com
>>> DocumentRoot /var/www/wp
>>> <Directory "/var/www/wp">
>>> Options Indexes FollowSymLinks
>>> AllowOverride all
>>> Require all granted
>>> </Directory>
>>> ErrorLog /var/log/httpd/wordpress_error.log
>>> CustomLog /var/log/httpd/wordpress_access.log common
>>> RewriteEngine on
>>> RewriteCond %{SERVER_NAME} =example.com [OR]
>>> RewriteCond %{SERVER_NAME} =www.example.com [OR]
>>> RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
>>> Redirect permanent / https://www.example.com
>>> </VirtualHost>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Monday, October 12, 2020, 06:06:32 PM GMT+3:30, Frank
> <thumbs@apache.org> wrote:
>>>
>>>
>>>
>>>
>>>
>>> I would take a step back. The approach stated below is not only
>>> convoluted, but ignores the existing configuration.
>>>
>>> First, run apachectl -S to see what your existing vhosts are set up as.
>>>
>>> Then, from the default (first) vhost, you simply need a ServerName
>>> directive, and Redirect. The former is required for name-based vhosts:
>>>
>>> <VirtualHost *:80>
>>> ServerName defaultvhost
>>> Redirect / https://hostname.tld/
>>> </VirtualHost>
>>>
>>> If you don't want to use your existing first vhost as a default for
>>> http://ip/ requests, define another.
>>>
>>> On 12/10/20 10:26 AM, Jason Long wrote:
>>>> Thank you.
>>>> I added that lines to my Virtual Host file but it show me "Your
> connection is not private".
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Monday, October 12, 2020, 05:16:27 PM GMT+3:30, James Smith
> <js5@sanger.ac.uk> wrote:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Yes - with Apache you put a default virtual host which redirects all
> traffic to your https server
>>>>
>>>> <VirtualHost *:80>
>>>> RequestHeader unset X-is-ssl
>>>> <Location />
>>>> <Limit OPTIONS>
>>>> Require all denied
>>>> </Limit>
>>>> Require all granted
>>>> </Location>
>>>> ProxyPreserveHost on
>>>> RewriteEngine on
>>>> RewriteRule ^(.*)$ https://myservername.com%{REQUEST_URI}
> [R=permanent,L,NE]
>>>> </VirtualHost>
>>>>
>>>> You can do something for 443 as well.
>>>>
>>>> -----Original Message-----
>>>> From: Jason Long <hack3rcon@yahoo.com.INVALID>
>>>> Sent: 12 October 2020 14:10
>>>> To: users@httpd.apache.org
>>>> Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>>>>
>>>> Thank you.
>>>> I want when a user enter my server IP address in his\her browser
> then it forward to
> "https://urldefense.proofpoint.com/v2/url?u=https-3A__mywebsite.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=rK8vCBmQ5CHbZU9JjXzRNDNz8RofAv82ZlfXjYIEtgY&s=rt4c_6jtMKJiE15dKtx138HTXgpDRMPcmCGbZ0yYwZk&e=
> ".
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone
> <antony.stone@apache.open.source.it> wrote:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Monday 12 October 2020 at 07:25:56, Jason Long wrote:
>>>>
>>>>> Hello,
>>>>> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?
>>>>
>>>> What do you mean by "forwarding", and what protocol (presumably
> either HTTP or
>>>> HTTPS) is being used by the client application which starts the
> connection
>>>> (ie: a web browser or equivalent)?
>>>>
>>>> Please give more details about your question so that we have a
> better idea what the correct answer might be.
>>>>
>>>>
>>>> Antony.
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>
>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

At the end of domain name?
On Monday, October 12, 2020, 07:01:27 PM GMT+3:30, Frank <thumbs@apache.org> wrote:

I mentioned slashes. Look at yours, and mine.

On 12/10/20 11:22 AM, Jason Long wrote:
> You used "Redirect / https://hostname.tld/" <https://hostname.tld/> and
> I'm using "Redirect permanent / https://www.example.com".
> <https://www.example.com> I have a "permanent" word.
>
> I
>
>
>
>
>
>
>
> On Monday, October 12, 2020, 06:40:00 PM GMT+3:30, Frank
> <thumbs@apache.org> wrote:
>
>
>
>
>
> You can compare my redirect directive with yours. There is a subtle
> difference.
>
> Also, you don't need a documentroot in a vhost if you redirect every
> request.
>
> On 12/10/20 11:02 AM, Jason Long wrote:
>> Excuse me, How?
>>
>>
>>
>>
>>
>>
>> On Monday, October 12, 2020, 06:29:38 PM GMT+3:30, Frank Gingras
> <francois.gingras@gmail.com> wrote:
>>
>>
>>
>>
>>
>> Always match the trailing slashes when redirecting.
>>
>> On 12/10/20 10:43 AM, Jason Long wrote:
>>> # apachectl -S
>>> #
>>>
>>> My Virtual Host configuration is:
>>>
>>> <VirtualHost *:80>
>>> Header always set Strict-Transport-Security "max-age=63072000;
> includeSubdomains; preload"
>>> ServerAdmin root@localhost
>>> ServerName www.example.com
>>> ServerAlias www.example.com
>>> DocumentRoot /var/www/wp
>>> <Directory "/var/www/wp">
>>> Options Indexes FollowSymLinks
>>> AllowOverride all
>>> Require all granted
>>> </Directory>
>>> ErrorLog /var/log/httpd/wordpress_error.log
>>> CustomLog /var/log/httpd/wordpress_access.log common
>>> RewriteEngine on
>>> RewriteCond %{SERVER_NAME} =example.com [OR]
>>> RewriteCond %{SERVER_NAME} =www.example.com [OR]
>>> RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
>>> Redirect permanent / https://www.example.com
>>> </VirtualHost>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Monday, October 12, 2020, 06:06:32 PM GMT+3:30, Frank
> <thumbs@apache.org> wrote:
>>>
>>>
>>>
>>>
>>>
>>> I would take a step back. The approach stated below is not only
>>> convoluted, but ignores the existing configuration.
>>>
>>> First, run apachectl -S to see what your existing vhosts are set up as.
>>>
>>> Then, from the default (first) vhost, you simply need a ServerName
>>> directive, and Redirect. The former is required for name-based vhosts:
>>>
>>> <VirtualHost *:80>
>>> ServerName defaultvhost
>>> Redirect / https://hostname.tld/
>>> </VirtualHost>
>>>
>>> If you don't want to use your existing first vhost as a default for
>>> http://ip/ requests, define another.
>>>
>>> On 12/10/20 10:26 AM, Jason Long wrote:
>>>> Thank you.
>>>> I added that lines to my Virtual Host file but it show me "Your
> connection is not private".
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Monday, October 12, 2020, 05:16:27 PM GMT+3:30, James Smith
> <js5@sanger.ac.uk> wrote:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Yes - with Apache you put a default virtual host which redirects all
> traffic to your https server
>>>>
>>>> <VirtualHost *:80>
>>>>  RequestHeader unset X-is-ssl
>>>>  <Location />
>>>>    <Limit OPTIONS>
>>>>      Require all denied
>>>>    </Limit>
>>>>    Require all granted
>>>>  </Location>
>>>>  ProxyPreserveHost on
>>>>  RewriteEngine    on
>>>>  RewriteRule      ^(.*)$ https://myservername.com%{REQUEST_URI}
> [R=permanent,L,NE]
>>>> </VirtualHost>
>>>>
>>>> You can do something for 443 as well.
>>>>
>>>> -----Original Message-----
>>>> From: Jason Long <hack3rcon@yahoo.com.INVALID>
>>>> Sent: 12 October 2020 14:10
>>>> To: users@httpd.apache.org
>>>> Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>>>>
>>>> Thank you.
>>>> I want when a user enter my server IP address in his\her browser
> then it forward to
> "https://urldefense.proofpoint.com/v2/url?u=https-3A__mywebsite.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=rK8vCBmQ5CHbZU9JjXzRNDNz8RofAv82ZlfXjYIEtgY&s=rt4c_6jtMKJiE15dKtx138HTXgpDRMPcmCGbZ0yYwZk&e=
> ".
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone
> <antony.stone@apache.open.source.it> wrote:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Monday 12 October 2020 at 07:25:56, Jason Long wrote:
>>>>
>>>>> Hello,
>>>>> Forwarding an IP address to HTTPS domain is the task of Apache or SSL?
>>>>
>>>> What do you mean by "forwarding", and what protocol (presumably
> either HTTP or
>>>> HTTPS) is being used by the client application which starts the
> connection
>>>> (ie: a web browser or equivalent)?
>>>>
>>>> Please give more details about your question so that we have a
> better idea what the correct answer might be.
>>>>
>>>>
>>>> Antony.
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>
>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

James,

Omitting an explicit ServerName in name-based vhosts is a bad idea as
well. You can create conflicts or ambiguities.


On 12/10/20 11:22 AM, James Smith wrote:
> This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident...
>
> ## Port 80 && 443 default configs...
>
> <VirtualHost *:80>
> RequestHeader unset X-is-ssl
> RewriteEngine on
> RewriteRule ^(.*)$ https://www.mydomain.com%{REQUEST_URI} [R=permanent,L,NE]
> </VirtualHost>
>
> <VirtualHost *:443>
> RewriteEngine on
> RewriteRule ^(.*)$ https://www.mydomain.com/%{REQUEST_URI} [R,L,NE]
> </VirtualHost>
>
> ## Port 443 default - this is our main server...... so your main apache config stuff should be in here with SSL configured correctly..
>
> <VirtualHost *:443>
> ServerName www.mydomain.com
> ...
> ...
> ...
> ...
> ...
> </VirtualHost>
>
> If you have more than one domain then you will need to add rules on port 80 to preserve the hostname & also blocks for each additional domain
>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

It's how you do a catchall... there is no other way of doing it - it doesn't cause any problems if you only have one.

I have many domains with wildcard DNS it is the clean way of handling those sub-domains I am not serving in a "nice" manner rather than just dropping the requests on the floor....


-----Original Message-----
From: Frank <thumbs@apache.org>
Sent: 12 October 2020 16:36
To: users@httpd.apache.org
Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

James,

Omitting an explicit ServerName in name-based vhosts is a bad idea as well. You can create conflicts or ambiguities.


On 12/10/20 11:22 AM, James Smith wrote:
> This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident...
>
> ## Port 80 && 443 default configs...
>
> <VirtualHost *:80>
> RequestHeader unset X-is-ssl
> RewriteEngine on
> RewriteRule ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com-25-257BREQUEST-5FURI-257D&d=DwICaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=w8mNihZcLdPkrkWTFdVG6LmAT8UO_9FqLV_4Ywf19mc&s=47aeC7VpZqBNUbE_aKiS0JoffbV7H5FyjfM7UmoWTDI&e= [R=permanent,L,NE]
> </VirtualHost>
>
> <VirtualHost *:443>
> RewriteEngine on
> RewriteRule ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com_-25-257BREQUEST-5FURI-257D&d=DwICaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=w8mNihZcLdPkrkWTFdVG6LmAT8UO_9FqLV_4Ywf19mc&s=aVlFo1DDVwr3tEOodTNO7ClXY1kSHj0WWY8i_gvHs-M&e= [R,L,NE]
> </VirtualHost>
>
> ## Port 443 default - this is our main server...... so your main apache config stuff should be in here with SSL configured correctly..
>
> <VirtualHost *:443>
> ServerName https://urldefense.proofpoint.com/v2/url?u=http-3A__www.mydomain.com&d=DwICaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=w8mNihZcLdPkrkWTFdVG6LmAT8UO_9FqLV_4Ywf19mc&s=szdN2RRM4IZr7J-1Pvimaja8Tgaxr2VdeFsiw-dixVU&e=
> ...
> ...
> ...
> ...
> ...
> </VirtualHost>
>
> If you have more than one domain then you will need to add rules on
> port 80 to preserve the hostname & also blocks for each additional
> domain
>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




--
The Wellcome Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.???????????????????????????????????????????????????????????????????????F?V?7V'67&?&R?R???âW6W'2?V?7V'67&?&T?GGB?6?R??&p?f?"FF?F????6????G2?R???âW6W'2?V??GGB?6?R??&p

Excuse me,Can you clean my configuration?
On Monday, October 12, 2020, 07:06:17 PM GMT+3:30, Frank <thumbs@apache.org> wrote:

James,

Omitting an explicit ServerName in name-based vhosts is a bad idea as
well. You can create conflicts or ambiguities.


On 12/10/20 11:22 AM, James Smith wrote:
> This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident...
>
> ## Port 80 && 443 default configs...
>
> <VirtualHost *:80>
>  RequestHeader unset X-is-ssl
>  RewriteEngine    on
>  RewriteRule      ^(.*)$ https://www.mydomain.com%{REQUEST_URI} [R=permanent,L,NE]
> </VirtualHost>
>
> <VirtualHost *:443>
>  RewriteEngine    on
>  RewriteRule      ^(.*)$ https://www.mydomain.com/%{REQUEST_URI} [R,L,NE]
> </VirtualHost>
>
> ## Port 443 default - this is our main server...... so your main apache config stuff should be in here with SSL configured correctly..
>
> <VirtualHost *:443>
>  ServerName www.mydomain.com
>  ...
>  ...
>  ...
>  ...
>  ...
> </VirtualHost>
> 
> If you have more than one domain then you will need to add rules on port 80 to preserve the hostname & also blocks for each additional domain
>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

So I would do this for the virtual host sections – assuming you are only running ONE externally facing website – there are other things you would need to do if you were running multiple ones

## Send all traffic on port 80 to the primary domain over SSL…

<VirtualHost *:80>
RequestHeader unset X-is-ssl
RewriteEngine on
RewriteRule ^(.*)$ https://www.example.com%{REQUEST_URI} [R=permanent,L,NE]
</VirtualHost>

## Send all traffic on port 443 which isn't the primary domain to the primary domain
## This implicitly picks up the IP for the host, the actual hostname OR the unqualified domain name example.com

<VirtualHost *:443>
RewriteEngine on
RewriteRule ^(.*)$ https://www.example.com/%{REQUEST_URI} [R,L,NE]
</VirtualHost>

<VirtualHost *:443>
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
ServerAdmin root@localhost
ServerName www.example.com
## Do not use Server Alias here for alternative domains - only use for test/dev sites...
DocumentRoot /var/www/wp
<Directory "/var/www/wp">
Options Indexes FollowSymLinks
AllowOverride all
Require all granted
</Directory>

## Put the rest of your wordpress stuff here...
</VirtualHost>

From: Jason Long <hack3rcon@yahoo.com.INVALID>
Sent: 12 October 2020 16:39
To: users@httpd.apache.org
Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

Excuse me,
Can you clean my configuration?

On Monday, October 12, 2020, 07:06:17 PM GMT+3:30, Frank <thumbs@apache.org<mailto:thumbs@apache.org>> wrote:


James,

Omitting an explicit ServerName in name-based vhosts is a bad idea as
well. You can create conflicts or ambiguities.

On 12/10/20 11:22 AM, James Smith wrote:
> This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident...
>
> ## Port 80 && 443 default configs...
>
> <VirtualHost *:80>
> RequestHeader unset X-is-ssl
> RewriteEngine on
> RewriteRule ^(.*)$ https://www.mydomain.com% [mydomain.com%]<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com-25&d=DwMFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=aSXzAFTQK2MqTd4h8-yDESDKjJwJfq6x0sy97DB2Dlg&s=rP2yXyskai3avho4gNa3ivaQdP6NyvIGOONKga7UWLA&e=>{REQUEST_URI} [R=permanent,L,NE]
> </VirtualHost>
>
> <VirtualHost *:443>
> RewriteEngine on
> RewriteRule ^(.*)$ https://www.mydomain.com/% [mydomain.com]<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com_-25&d=DwMFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=aSXzAFTQK2MqTd4h8-yDESDKjJwJfq6x0sy97DB2Dlg&s=0xY2vrAmBv9NS93So6uL5BSAVrWQQPPc8fQe6cF_oHo&e=>{REQUEST_URI} [R,L,NE]
> </VirtualHost>
>
> ## Port 443 default - this is our main server...... so your main apache config stuff should be in here with SSL configured correctly..
>
> <VirtualHost *:443>
> ServerName www.mydomain.com<http://www.mydomain.com>
> ...
> ...
> ...
> ...
> ...
> </VirtualHost>
>
> If you have more than one domain then you will need to add rules on port 80 to preserve the hostname & also blocks for each additional domain
>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org<mailto:users-unsubscribe@httpd.apache.org>
For additional commands, e-mail: users-help@httpd.apache.org<mailto:users-help@httpd.apache.org>



--
The Wellcome Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.

Thank you.I'm using Let's Encrypt SSL. Is it OK?

Sent from Yahoo Mail on Android

On Mon, Oct 12, 2020 at 7:27 PM, James Smith<js5@sanger.ac.uk> wrote: #yiv3289296361 #yiv3289296361 -- _filtered {} _filtered {} _filtered {}#yiv3289296361 #yiv3289296361 p.yiv3289296361MsoNormal, #yiv3289296361 li.yiv3289296361MsoNormal, #yiv3289296361 div.yiv3289296361MsoNormal {margin:0cm;font-size:11.0pt;font-family:sans-serif;}#yiv3289296361 a:link, #yiv3289296361 span.yiv3289296361MsoHyperlink {color:blue;text-decoration:underline;}#yiv3289296361 .yiv3289296361MsoChpDefault {font-size:10.0pt;} _filtered {}#yiv3289296361 div.yiv3289296361WordSection1 {}#yiv3289296361
So I would do this for the virtual host sections – assuming you are only running ONE externally facing website – there are other things you would need to do if you were running multiple ones

## Send all traffic on port 80 to the primary domain over SSL…


<VirtualHost *:80>

  RequestHeader unset X-is-ssl

  RewriteEngine     on

  RewriteRule       ^(.*)$ https://www.example.com%{REQUEST_URI} [R=permanent,L,NE]

</VirtualHost>

 

## Send all traffic on port 443 which isn't the primary domain to the primary domain
## This implicitly picks up the IP for the host, the actual hostname OR the unqualified domain name example.com

 

<VirtualHost *:443>

  RewriteEngine     on

  RewriteRule       ^(.*)$ https://www.example.com/%{REQUEST_URI} [R,L,NE]

</VirtualHost>

 

<VirtualHost *:443>

  Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"

  ServerAdmin root@localhost

  ServerName www.example.com

  ## Do not use Server Alias here for alternative domains - only use for test/dev sites...

  DocumentRoot /var/www/wp

  <Directory "/var/www/wp">

    Options Indexes FollowSymLinks

    AllowOverride all

    Require all granted

  </Directory>

 

  ## Put the rest of your wordpress stuff here...

</VirtualHost>

 

From: Jason Long <hack3rcon@yahoo.com.INVALID>
Sent: 12 October 2020 16:39
To: users@httpd.apache.org
Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

 

Excuse me,

Can you clean my configuration?

 

On Monday, October 12, 2020, 07:06:17 PM GMT+3:30, Frank <thumbs@apache.org> wrote:

 

 

James,

Omitting an explicit ServerName in name-based vhosts is a bad idea as
well. You can create conflicts or ambiguities.


On 12/10/20 11:22 AM, James Smith wrote:
> This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident...
>
> ## Port 80 && 443 default configs...
>
> <VirtualHost *:80>
>  RequestHeader unset X-is-ssl
>  RewriteEngine    on
>  RewriteRule      ^(.*)$ https://www.mydomain.com% [mydomain.com%]{REQUEST_URI} [R=permanent,L,NE]
> </VirtualHost>
>
> <VirtualHost *:443>
>  RewriteEngine    on
>  RewriteRule      ^(.*)$ https://www.mydomain.com/% [mydomain.com]{REQUEST_URI} [R,L,NE]

> </VirtualHost>
>
> ## Port 443 default - this is our main server...... so your main apache config stuff should be in here with SSL configured correctly..
>
> <VirtualHost *:443>
>  ServerName www.mydomain.com
>  ...
>  ...
>  ...
>  ...
>  ...
> </VirtualHost>
> 
> If you have more than one domain then you will need to add rules on port 80 to preserve the hostname & also blocks for each additional domain
>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org -- The Wellcome Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE.

That is incorrect. If you inherit a ServerName value that conflicts with
other name-based vhosts, you break your set. You can use a dummy value,
or even the IP in the ServerName attribute.

Run apachectl -S on all your servers to verify, you are making dangerous
assumptions.

On 12/10/20 11:38 AM, James Smith wrote:
> It's how you do a catchall... there is no other way of doing it - it doesn't cause any problems if you only have one.
>
> I have many domains with wildcard DNS it is the clean way of handling those sub-domains I am not serving in a "nice" manner rather than just dropping the requests on the floor....
>
>
> -----Original Message-----
> From: Frank <thumbs@apache.org>
> Sent: 12 October 2020 16:36
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>
> James,
>
> Omitting an explicit ServerName in name-based vhosts is a bad idea as well. You can create conflicts or ambiguities.
>
>
> On 12/10/20 11:22 AM, James Smith wrote:
>> This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident...
>>
>> ## Port 80 && 443 default configs...
>>
>> <VirtualHost *:80>
>> RequestHeader unset X-is-ssl
>> RewriteEngine on
>> RewriteRule ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com-25-257BREQUEST-5FURI-257D&d=DwICaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=w8mNihZcLdPkrkWTFdVG6LmAT8UO_9FqLV_4Ywf19mc&s=47aeC7VpZqBNUbE_aKiS0JoffbV7H5FyjfM7UmoWTDI&e= [R=permanent,L,NE]
>> </VirtualHost>
>>
>> <VirtualHost *:443>
>> RewriteEngine on
>> RewriteRule ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com_-25-257BREQUEST-5FURI-257D&d=DwICaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=w8mNihZcLdPkrkWTFdVG6LmAT8UO_9FqLV_4Ywf19mc&s=aVlFo1DDVwr3tEOodTNO7ClXY1kSHj0WWY8i_gvHs-M&e= [R,L,NE]
>> </VirtualHost>
>>
>> ## Port 443 default - this is our main server...... so your main apache config stuff should be in here with SSL configured correctly..
>>
>> <VirtualHost *:443>
>> ServerName https://urldefense.proofpoint.com/v2/url?u=http-3A__www.mydomain.com&d=DwICaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=w8mNihZcLdPkrkWTFdVG6LmAT8UO_9FqLV_4Ywf19mc&s=szdN2RRM4IZr7J-1Pvimaja8Tgaxr2VdeFsiw-dixVU&e=
>> ...
>> ...
>> ...
>> ...
>> ...
>> </VirtualHost>
>>
>> If you have more than one domain then you will need to add rules on
>> port 80 to preserve the hostname & also blocks for each additional
>> domain
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

James,

Unless the user has many hosts, I would recommend against using
mod_rewrite here. It isn't needed. And your vhost should include an
explicity ServerName directive.

On 12/10/20 11:56 AM, James Smith wrote:
> So I would do this for the virtual host sections – assuming you are only
> running ONE externally facing website – there are other things you would
> need to do if you were running multiple ones
>
> ## Send all traffic on port 80 to the primary domain over SSL…
>
>
> <VirtualHost *:80>
>
> RequestHeader unset X-is-ssl
>
> RewriteEngine on
>
> RewriteRule ^(.*)$ https://www.example.com%{REQUEST_URI}
> [R=permanent,L,NE]
>
> </VirtualHost>
>
>
>
> ## Send all traffic on port 443 which isn't the primary domain to the
> primary domain
> ## This implicitly picks up the IP for the host, the actual hostname OR
> the unqualified domain name example.com
>
>
>
> <VirtualHost *:443>
>
> RewriteEngine on
>
> RewriteRule ^(.*)$ https://www.example.com/%{REQUEST_URI} [R,L,NE]
>
> </VirtualHost>
>
>
>
> <VirtualHost *:443>
>
> Header always set Strict-Transport-Security "max-age=63072000;
> includeSubdomains; preload"
>
> ServerAdmin root@localhost
>
> ServerName www.example.com
>
> ## Do not use Server Alias here for alternative domains - only use for
> test/dev sites...
>
> DocumentRoot /var/www/wp
>
> <Directory "/var/www/wp">
>
> Options Indexes FollowSymLinks
>
> AllowOverride all
>
> Require all granted
>
> </Directory>
>
>
>
> ## Put the rest of your wordpress stuff here...
>
> </VirtualHost>
>
>
>
> *From:*Jason Long <hack3rcon@yahoo.com.INVALID>
> *Sent:* 12 October 2020 16:39
> *To:* users@httpd.apache.org
> *Subject:* Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>
>
>
> Excuse me,
>
> Can you clean my configuration?
>
>
>
> On Monday, October 12, 2020, 07:06:17 PM GMT+3:30, Frank
> <thumbs@apache.org <mailto:thumbs@apache.org>> wrote:
>
>
>
>
>
> James,
>
> Omitting an explicit ServerName in name-based vhosts is a bad idea as
> well. You can create conflicts or ambiguities.
>
>
> On 12/10/20 11:22 AM, James Smith wrote:
>> This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident...
>>
>> ## Port 80 && 443 default configs...
>>
>> <VirtualHost *:80>
>> RequestHeader unset X-is-ssl
>> RewriteEngine on
>> RewriteRule ^(.*)$ https://www.mydomain.com% [mydomain.com%]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com-25&d=DwMFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=aSXzAFTQK2MqTd4h8-yDESDKjJwJfq6x0sy97DB2Dlg&s=rP2yXyskai3avho4gNa3ivaQdP6NyvIGOONKga7UWLA&e=>{REQUEST_URI}
> [R=permanent,L,NE]
>> </VirtualHost>
>>
>> <VirtualHost *:443>
>> RewriteEngine on
>> RewriteRule ^(.*)$ https://www.mydomain.com/% [mydomain.com]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com_-25&d=DwMFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=aSXzAFTQK2MqTd4h8-yDESDKjJwJfq6x0sy97DB2Dlg&s=0xY2vrAmBv9NS93So6uL5BSAVrWQQPPc8fQe6cF_oHo&e=>{REQUEST_URI}
> [R,L,NE]
>> </VirtualHost>
>>
>> ## Port 443 default - this is our main server...... so your main apache config stuff should be in here with SSL configured correctly..
>>
>> <VirtualHost *:443>
>> ServerName www.mydomain.com <http://www.mydomain.com>
>> ...
>> ...
>> ...
>> ...
>> ...
>> </VirtualHost>
>>
>> If you have more than one domain then you will need to add rules on port 80 to preserve the hostname & also blocks for each additional domain
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> <mailto:users-unsubscribe@httpd.apache.org>
> For additional commands, e-mail: users-help@httpd.apache.org
> <mailto:users-help@httpd.apache.org>
>
> -- The Wellcome Sanger Institute is operated by Genome Research Limited,
> a charity registered in England with number 1021457 and a company
> registered in England with number 2742969, whose registered office is
> 215 Euston Road, London, NW1 2BE.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Redirect doesn't allow you to distinguish between 301s and 302s which you can do with mod_rewrite {very useful feature tbh when it comes to bits like this} - the user is using WordPress so will almost certainly be using mod_rewrite to handle the nice URLs....

As for the issue without a server name - you don't need one in the 800 unless you are doing something clever - as for the redirects it doesn't break but you can put one in - just make sure that it is included first!
-----Original Message-----
From: Frank <thumbs@apache.org>
Sent: 12 October 2020 18:10
To: users@httpd.apache.org
Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

James,

Unless the user has many hosts, I would recommend against using mod_rewrite here. It isn't needed. And your vhost should include an explicity ServerName directive.

On 12/10/20 11:56 AM, James Smith wrote:
> So I would do this for the virtual host sections – assuming you are
> only running ONE externally facing website – there are other things
> you would need to do if you were running multiple ones
>
> ## Send all traffic on port 80 to the primary domain over SSL…
>
>
> <VirtualHost *:80>
>
> RequestHeader unset X-is-ssl
>
> RewriteEngine on
>
> RewriteRule ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.example.com-25-257BREQUEST-5FURI-257D&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=cugyNGRH0HsECtkleCMZbzrYIt0BcYfZk-Y6c00UdxE&e=
> [R=permanent,L,NE]
>
> </VirtualHost>
>
>
>
> ## Send all traffic on port 443 which isn't the primary domain to the
> primary domain ## This implicitly picks up the IP for the host, the
> actual hostname OR the unqualified domain name example.com
>
>
>
> <VirtualHost *:443>
>
> RewriteEngine on
>
> RewriteRule ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.example.com_-25-257BREQUEST-5FURI-257D&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=m4O1DurIDDG4G-kw46brnnEEXNZ9c4pJi52RMgXto3Y&e= [R,L,NE]
>
> </VirtualHost>
>
>
>
> <VirtualHost *:443>
>
> Header always set Strict-Transport-Security "max-age=63072000;
> includeSubdomains; preload"
>
> ServerAdmin root@localhost
>
> ServerName
> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.example.com&d=
> DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oD
> X0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=mw3MrVOeeCL66Y
> rcxABO8NMrnnmzLmHQBeAdm0m8VYA&e=
>
> ## Do not use Server Alias here for alternative domains - only use
> for test/dev sites...
>
> DocumentRoot /var/www/wp
>
> <Directory "/var/www/wp">
>
> Options Indexes FollowSymLinks
>
> AllowOverride all
>
> Require all granted
>
> </Directory>
>
>
>
> ## Put the rest of your wordpress stuff here...
>
> </VirtualHost>
>
>
>
> *From:*Jason Long <hack3rcon@yahoo.com.INVALID>
> *Sent:* 12 October 2020 16:39
> *To:* users@httpd.apache.org
> *Subject:* Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>
>
>
> Excuse me,
>
> Can you clean my configuration?
>
>
>
> On Monday, October 12, 2020, 07:06:17 PM GMT+3:30, Frank
> <thumbs@apache.org <mailto:thumbs@apache.org>> wrote:
>
>
>
>
>
> James,
>
> Omitting an explicit ServerName in name-based vhosts is a bad idea as
> well. You can create conflicts or ambiguities.
>
>
> On 12/10/20 11:22 AM, James Smith wrote:
>> This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident...
>>
>> ## Port 80 && 443 default configs...
>>
>> <VirtualHost *:80>
>> RequestHeader unset X-is-ssl
>> RewriteEngine on
>> RewriteRule ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com-25&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=A8EKvfUUPo1cemy_DRQyzWH7n8UvFx5myg5M7r0b380&e= [mydomain.com%]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com
> -25&d=DwMFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1
> ecj4oDX0XM7vQ&m=aSXzAFTQK2MqTd4h8-yDESDKjJwJfq6x0sy97DB2Dlg&s=rP2yXysk
> ai3avho4gNa3ivaQdP6NyvIGOONKga7UWLA&e=>{REQUEST_URI}
> [R=permanent,L,NE]
>> </VirtualHost>
>>
>> <VirtualHost *:443>
>> RewriteEngine on
>> RewriteRule ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com_-25&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=ueoNZtVbLE1sHVM3T0rcs5Nc_sLHgqvUtNtezSaLZIo&e= [mydomain.com]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com
> _-25&d=DwMFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge
> 1ecj4oDX0XM7vQ&m=aSXzAFTQK2MqTd4h8-yDESDKjJwJfq6x0sy97DB2Dlg&s=0xY2vrA
> mBv9NS93So6uL5BSAVrWQQPPc8fQe6cF_oHo&e=>{REQUEST_URI}
> [R,L,NE]
>> </VirtualHost>
>>
>> ## Port 443 default - this is our main server...... so your main apache config stuff should be in here with SSL configured correctly..
>>
>> <VirtualHost *:443>
>> ServerName
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.mydomain.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=Pq870e0oOU5bb6s-jPfEyYU__hJUeQOHvv1AZX--fP0&e= <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.mydomain.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=Pq870e0oOU5bb6s-jPfEyYU__hJUeQOHvv1AZX--fP0&e= > ...
>> ...
>> ...
>> ...
>> ...
>> </VirtualHost>
>>
>> If you have more than one domain then you will need to add rules on
>> port 80 to preserve the hostname & also blocks for each additional
>> domain
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> <mailto:users-unsubscribe@httpd.apache.org>
> For additional commands, e-mail: users-help@httpd.apache.org
> <mailto:users-help@httpd.apache.org>
>
> -- The Wellcome Sanger Institute is operated by Genome Research
> Limited, a charity registered in England with number 1021457 and a
> company registered in England with number 2742969, whose registered
> office is
> 215 Euston Road, London, NW1 2BE.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




--
The Wellcome Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.B?KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB??[??X???X?KK[XZ[?\?\??][??X???X?P?\X?K???B???Y][?[??[X[??K[XZ[?\?\??Z[?\X?K???B

Yes, it does: Redirect 301 or RedirectPermanent.

Please review the docs before answering.

On 12/10/20 02:04 PM, James Smith wrote:
> Redirect doesn't allow you to distinguish between 301s and 302s which you can do with mod_rewrite {very useful feature tbh when it comes to bits like this} - the user is using WordPress so will almost certainly be using mod_rewrite to handle the nice URLs....
>
> As for the issue without a server name - you don't need one in the 800 unless you are doing something clever - as for the redirects it doesn't break but you can put one in - just make sure that it is included first!
> -----Original Message-----
> From: Frank <thumbs@apache.org>
> Sent: 12 October 2020 18:10
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>
> James,
>
> Unless the user has many hosts, I would recommend against using mod_rewrite here. It isn't needed. And your vhost should include an explicity ServerName directive.
>
> On 12/10/20 11:56 AM, James Smith wrote:
>> So I would do this for the virtual host sections – assuming you are
>> only running ONE externally facing website – there are other things
>> you would need to do if you were running multiple ones
>>
>> ## Send all traffic on port 80 to the primary domain over SSL…
>>
>>
>> <VirtualHost *:80>
>>
>> RequestHeader unset X-is-ssl
>>
>> RewriteEngine on
>>
>> RewriteRule ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.example.com-25-257BREQUEST-5FURI-257D&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=cugyNGRH0HsECtkleCMZbzrYIt0BcYfZk-Y6c00UdxE&e=
>> [R=permanent,L,NE]
>>
>> </VirtualHost>
>>
>>
>>
>> ## Send all traffic on port 443 which isn't the primary domain to the
>> primary domain ## This implicitly picks up the IP for the host, the
>> actual hostname OR the unqualified domain name example.com
>>
>>
>>
>> <VirtualHost *:443>
>>
>> RewriteEngine on
>>
>> RewriteRule ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.example.com_-25-257BREQUEST-5FURI-257D&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=m4O1DurIDDG4G-kw46brnnEEXNZ9c4pJi52RMgXto3Y&e= [R,L,NE]
>>
>> </VirtualHost>
>>
>>
>>
>> <VirtualHost *:443>
>>
>> Header always set Strict-Transport-Security "max-age=63072000;
>> includeSubdomains; preload"
>>
>> ServerAdmin root@localhost
>>
>> ServerName
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.example.com&d=
>> DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oD
>> X0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=mw3MrVOeeCL66Y
>> rcxABO8NMrnnmzLmHQBeAdm0m8VYA&e=
>>
>> ## Do not use Server Alias here for alternative domains - only use
>> for test/dev sites...
>>
>> DocumentRoot /var/www/wp
>>
>> <Directory "/var/www/wp">
>>
>> Options Indexes FollowSymLinks
>>
>> AllowOverride all
>>
>> Require all granted
>>
>> </Directory>
>>
>>
>>
>> ## Put the rest of your wordpress stuff here...
>>
>> </VirtualHost>
>>
>>
>>
>> *From:*Jason Long <hack3rcon@yahoo.com.INVALID>
>> *Sent:* 12 October 2020 16:39
>> *To:* users@httpd.apache.org
>> *Subject:* Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>>
>>
>>
>> Excuse me,
>>
>> Can you clean my configuration?
>>
>>
>>
>> On Monday, October 12, 2020, 07:06:17 PM GMT+3:30, Frank
>> <thumbs@apache.org <mailto:thumbs@apache.org>> wrote:
>>
>>
>>
>>
>>
>> James,
>>
>> Omitting an explicit ServerName in name-based vhosts is a bad idea as
>> well. You can create conflicts or ambiguities.
>>
>>
>> On 12/10/20 11:22 AM, James Smith wrote:
>>> This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident...
>>>
>>> ## Port 80 && 443 default configs...
>>>
>>> <VirtualHost *:80>
>>> RequestHeader unset X-is-ssl
>>> RewriteEngine on
>>> RewriteRule ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com-25&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=A8EKvfUUPo1cemy_DRQyzWH7n8UvFx5myg5M7r0b380&e= [mydomain.com%]
>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com
>> -25&d=DwMFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1
>> ecj4oDX0XM7vQ&m=aSXzAFTQK2MqTd4h8-yDESDKjJwJfq6x0sy97DB2Dlg&s=rP2yXysk
>> ai3avho4gNa3ivaQdP6NyvIGOONKga7UWLA&e=>{REQUEST_URI}
>> [R=permanent,L,NE]
>>> </VirtualHost>
>>>
>>> <VirtualHost *:443>
>>> RewriteEngine on
>>> RewriteRule ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com_-25&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=ueoNZtVbLE1sHVM3T0rcs5Nc_sLHgqvUtNtezSaLZIo&e= [mydomain.com]
>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com
>> _-25&d=DwMFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge
>> 1ecj4oDX0XM7vQ&m=aSXzAFTQK2MqTd4h8-yDESDKjJwJfq6x0sy97DB2Dlg&s=0xY2vrA
>> mBv9NS93So6uL5BSAVrWQQPPc8fQe6cF_oHo&e=>{REQUEST_URI}
>> [R,L,NE]
>>> </VirtualHost>
>>>
>>> ## Port 443 default - this is our main server...... so your main apache config stuff should be in here with SSL configured correctly..
>>>
>>> <VirtualHost *:443>
>>> ServerName
>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.mydomain.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=Pq870e0oOU5bb6s-jPfEyYU__hJUeQOHvv1AZX--fP0&e= <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.mydomain.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=Pq870e0oOU5bb6s-jPfEyYU__hJUeQOHvv1AZX--fP0&e= > ...
>>> ...
>>> ...
>>> ...
>>> ...
>>> </VirtualHost>
>>>
>>> If you have more than one domain then you will need to add rules on
>>> port 80 to preserve the hostname & also blocks for each additional
>>> domain
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> <mailto:users-unsubscribe@httpd.apache.org>
>> For additional commands, e-mail: users-help@httpd.apache.org
>> <mailto:users-help@httpd.apache.org>
>>
>> -- The Wellcome Sanger Institute is operated by Genome Research
>> Limited, a charity registered in England with number 1021457 and a
>> company registered in England with number 2742969, whose registered
>> office is
>> 215 Euston Road, London, NW1 2BE.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Hello,
Here is the output of "apachectl -S" command:


# apachectl -S
# 


And I changed the config as below:


<VirtualHost *:80>
RequestHeader unset X-is-ssl
RewriteEngine     on
RewriteRule       ^(.*)$ https://www.example.net%{REQUEST_URI} [R=permanent,L,NE]
</VirtualHost>

## Send all traffic on port 443 which isn't the primary domain to the primary domain
## This implicitly picks up the IP for the host, the actual hostname OR the unqualified domain name example.com

<VirtualHost *:443>
  RewriteEngine     on
  RewriteRule       ^(.*)$ https://www.example.net/%{REQUEST_URI} [R,L,NE]
</VirtualHost>

<VirtualHost *:443>
  Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
  ServerAdmin root@localhost
  ServerName www.example.net
  ServerAlias www.example.net
 ## Do not use Server Alias here for alternative domains - only use for test/dev sites...
  DocumentRoot /var/www/wp
  <Directory "/var/www/wp">
    Options Indexes FollowSymLinks
    AllowOverride all
    Require all granted
  </Directory>
ErrorLog /var/log/httpd/wordpress_error.log
CustomLog /var/log/httpd/wordpress_access.log common
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.net [OR]
RewriteCond %{SERVER_NAME} =www.example.net [OR]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
Redirect permanent / https://www.example.net

TraceEnable off
ServerSignature Off

</VirtualHost>



But, when I restarted Apache service and visit my website then it show me an error about privacy and after it the Apache test page shown.
I have a SSL conf file too:


<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin root@localhost
ServerName example.net
ServerAlias www.example.net
DocumentRoot /var/www/wp
<Directory "/var/www/wp">
Options Indexes FollowSymLinks
AllowOverride all
Require all granted
</Directory>
ErrorLog /var/log/httpd/wordpress_error.log
CustomLog /var/log/httpd/wordpress_access.log common
SSLEngine On
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.net/privkey.pem
</VirtualHost>
</IfModule>


Need it any change too?


Thank you.






On Monday, October 12, 2020, 11:11:11 PM GMT+3:30, Frank <thumbs@apache.org> wrote:





Yes, it does: Redirect 301 or RedirectPermanent.

Please review the docs before answering.

On 12/10/20 02:04 PM, James Smith wrote:
> Redirect doesn't allow you to distinguish between 301s and 302s which you can do with mod_rewrite {very useful feature tbh when it comes to bits like this} - the user is using WordPress so will almost certainly be using mod_rewrite to handle the nice URLs....
>
> As for the issue without a server name - you don't need one in the 800 unless you are doing something clever - as for the redirects it doesn't break but you can put one in - just make sure that it is included first!
> -----Original Message-----
> From: Frank <thumbs@apache.org>
> Sent: 12 October 2020 18:10
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>
> James,
>
> Unless the user has many hosts, I would recommend against using mod_rewrite here. It isn't needed. And your vhost should include an explicity ServerName directive.
>
> On 12/10/20 11:56 AM, James Smith wrote:
>> So I would do this for the virtual host sections – assuming you are
>> only running ONE externally facing website – there are other things
>> you would need to do if you were running multiple ones
>>
>> ## Send all traffic on port 80 to the primary domain over SSL…
>>
>>
>> <VirtualHost *:80>
>>
>>  RequestHeader unset X-is-ssl
>>
>>  RewriteEngine    on
>>
>>  RewriteRule      ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.example.com-25-257BREQUEST-5FURI-257D&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=cugyNGRH0HsECtkleCMZbzrYIt0BcYfZk-Y6c00UdxE&e=
>> [R=permanent,L,NE]
>>
>> </VirtualHost>
>>
>> 
>>
>> ## Send all traffic on port 443 which isn't the primary domain to the
>> primary domain ## This implicitly picks up the IP for the host, the
>> actual hostname OR the unqualified domain name example.com
>>
>> 
>>
>> <VirtualHost *:443>
>>
>>  RewriteEngine    on
>>
>>  RewriteRule      ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.example.com_-25-257BREQUEST-5FURI-257D&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=m4O1DurIDDG4G-kw46brnnEEXNZ9c4pJi52RMgXto3Y&e=  [R,L,NE]
>>
>> </VirtualHost>
>>
>> 
>>
>> <VirtualHost *:443>
>>
>>  Header always set Strict-Transport-Security "max-age=63072000;
>> includeSubdomains; preload"
>>
>>  ServerAdmin root@localhost
>>
>>  ServerName
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.example.com&d=
>> DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oD
>> X0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=mw3MrVOeeCL66Y
>> rcxABO8NMrnnmzLmHQBeAdm0m8VYA&e=
>>
>>  ## Do not use Server Alias here for alternative domains - only use
>> for test/dev sites...
>>
>>  DocumentRoot /var/www/wp
>>
>>  <Directory "/var/www/wp">
>>
>>    Options Indexes FollowSymLinks
>>
>>    AllowOverride all
>>
>>    Require all granted
>>
>>  </Directory>
>>
>> 
>>
>>  ## Put the rest of your wordpress stuff here...
>>
>> </VirtualHost>
>>
>> 
>>
>> *From:*Jason Long <hack3rcon@yahoo.com.INVALID>
>> *Sent:* 12 October 2020 16:39
>> *To:* users@httpd.apache.org
>> *Subject:* Re: [users@httpd] Forwarding IP to HTTPS. [EXT]
>>
>> 
>>
>> Excuse me,
>>
>> Can you clean my configuration?
>>
>> 
>>
>> On Monday, October 12, 2020, 07:06:17 PM GMT+3:30, Frank
>> <thumbs@apache.org <mailto:thumbs@apache.org>> wrote:
>>
>> 
>>
>> 
>>
>> James,
>>
>> Omitting an explicit ServerName in name-based vhosts is a bad idea as
>> well. You can create conflicts or ambiguities.
>>
>>
>> On 12/10/20 11:22 AM, James Smith wrote:
>>> This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident...
>>>
>>> ## Port 80 && 443 default configs...
>>>
>>> <VirtualHost *:80>
>>>  RequestHeader unset X-is-ssl
>>>  RewriteEngine    on
>>>  RewriteRule      ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com-25&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=A8EKvfUUPo1cemy_DRQyzWH7n8UvFx5myg5M7r0b380&e=  [mydomain.com%]
>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com
>> -25&d=DwMFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1
>> ecj4oDX0XM7vQ&m=aSXzAFTQK2MqTd4h8-yDESDKjJwJfq6x0sy97DB2Dlg&s=rP2yXysk
>> ai3avho4gNa3ivaQdP6NyvIGOONKga7UWLA&e=>{REQUEST_URI}
>> [R=permanent,L,NE]
>>> </VirtualHost>
>>>
>>> <VirtualHost *:443>
>>>  RewriteEngine    on
>>>  RewriteRule      ^(.*)$ https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com_-25&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=ueoNZtVbLE1sHVM3T0rcs5Nc_sLHgqvUtNtezSaLZIo&e=  [mydomain.com]
>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.mydomain.com
>> _-25&d=DwMFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge
>> 1ecj4oDX0XM7vQ&m=aSXzAFTQK2MqTd4h8-yDESDKjJwJfq6x0sy97DB2Dlg&s=0xY2vrA
>> mBv9NS93So6uL5BSAVrWQQPPc8fQe6cF_oHo&e=>{REQUEST_URI}
>> [R,L,NE]
>>> </VirtualHost>
>>>
>>> ## Port 443 default - this is our main server...... so your main apache config stuff should be in here with SSL configured correctly..
>>>
>>> <VirtualHost *:443>
>>>  ServerName
>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.mydomain.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=Pq870e0oOU5bb6s-jPfEyYU__hJUeQOHvv1AZX--fP0&e=  <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.mydomain.com&d=DwIFaQ&c=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo&r=oH2yp0ge1ecj4oDX0XM7vQ&m=ERvrDk3V3OmOKQ_c29so3_jWrThxEfgCkxLIfX3sIvw&s=Pq870e0oOU5bb6s-jPfEyYU__hJUeQOHvv1AZX--fP0&e= >  ...
>>>  ...
>>>  ...
>>>  ...
>>>  ...
>>> </VirtualHost>
>>> 
>>> If you have more than one domain then you will need to add rules on
>>> port 80 to preserve the hostname & also blocks for each additional
>>> domain
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> <mailto:users-unsubscribe@httpd.apache.org>
>> For additional commands, e-mail: users-help@httpd.apache.org
>> <mailto:users-help@httpd.apache.org>
>>
>> -- The Wellcome Sanger Institute is operated by Genome Research
>> Limited, a charity registered in England with number 1021457 and a
>> company registered in England with number 2742969, whose registered
>> office is
>> 215 Euston Road, London, NW1 2BE.

>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org