Redirecting site using apache configuration
Home > CentOS > CentOS 6.x > Apache web server configuration > Redirecting site using apache configuration
There are many ways of reidrecting websites using apache. Most of them are discussed at http://www.yolinux.com/TUTORIALS/ApacheRedirect.html The two important ways of redirecting websites among the ones mentioned at given URL are
Using mod_alias
Redirect permanent / http://www.new-domain.com/
Using mod_rewrite
RewriteEngine On RewriteRule /.* http://www.new-domain.com/ [R]
mod_rewrite is very powerful and can achieve powerful results. For detailed help on mod_rewrite visit https://httpd.apache.org/docs/current/rewrite/
Redirecting based on IP address
RewriteEngine On
RewriteCond %{REMOTE_ADDR} 193.189.116.235
RewriteRule !/block.* http://anusaaraka.iiit.ac.in/block/ [R]
RewriteCond %{REMOTE_ADDR} 79.186.193.82
RewriteRule !/block.* http://anusaaraka.iiit.ac.in/block/ [R]
RewriteCond %{REMOTE_ADDR} 10.2.59.228
RewriteRule !/block.* http://anusaaraka.iiit.ac.in/block/ [R]
RewriteCond %{REMOTE_ADDR} 46.22.173.101
RewriteRule !/block.* http://anusaaraka.iiit.ac.in/block/ [R]
Here if incoming request is from 193.189.116.235 or 79.186.193.82 etc. IPs and the request is not starting with /block, then the user is permanently redirected to /block. This kind of redirection can be used to block few very irritating IPs who might be using bots etc. for DOS attacks and when blocking the same using firewall is not desirable. Using this we can display a message from http://anusaaraka.iiit.ac.in/block, so that if any legitimate users get blocked by mistake, they know what to do to get unblocked.
Now an alias such as
Alias /block /home/anusaaraka/block
<Directory "/home/anusaaraka/block">
Options All
AllowOverride All
Order allow,deny
Allow from all
</Directory>
can be added to serve blocked index.html from some other folder. This is useful when blocking attackers on servers were drupal, etc. CMS are installed and URLs get modified. Add these config as high in the httpd.conf as possible, so that it has precendence over other aliases and rules.
Redirect using HTML META refresh
One simple way of redirecting is by sending META refresh message to browser, so that browser redirects to a different URL. Browsers also cache the redirect HTML so this redirect is very effective and hardly generates any delay. To achieve such redirects use HTML content similar to:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-type" content="text/html;charset=UTF-8" /> <meta http-equiv="Refresh" content="0; URL=glpi" /> </head> <body> </body> </html>
Here the URL can be changed from glpi to anything else. Both relative and absolute URLs work effectively.
Forcing redirect of all HTTP requests to HTTPS
One can attempt trying to redirect all HTTP requests to HTTPS automatically using:
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
then it will not work for the first request, which is typically displaying of login page. But if the website supports cookies and remembers login through non-secure cookies then those cookies would end-up being transmitted in plain-text before redirection to HTTPS takes effect.
The issue is described http://stackoverflow.com/questions/4083221/how-to-redirect-all-http-requests-to-https and http://stackoverflow.com/questions/4070262/how-in-htaccess-can-i-redirect-the-user-to-https-from-http-and-back-again/4071655#4071655 Another way using configuration has been used in Forcing HTTPS for redmine
Forcing HTTPS redirection while supporting mod_proxy
Note that this configuration would also break any ProxyPass configurations done to Proxy requests to above server. For example consider two server public-http and issues. If issues server is configured as explained here to redirect all non-https requests as https and public-http server is configured to ProxyPass all requests coming for issues to issues server then this configuration wont work. This is because when public-http passes requests to issues server, issues server will redirect even public-http servers requests to HTTPS. But mod_proxy does not supports HTTPS so it would use HTTP again which would result into infinite loop of redirections.
To solve this one can use following configuration:
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteCond %{REMOTE_HOST} !<ip>
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
where, <ip> can be replaced with IP of public-http server as seen by issues server. In this case the redirection to HTTPS wont apply when requests are coming from public-http server. For HTTPS security the redirection to HTTPS configuration can be done on public-http server so that it receives requests meant for issues server through HTTPS.
Also look at Using_mod_proxy_to_pass_requests_to_local_servers_transparently to transparently proxy requests without redirecting user. This works when request is coming from a network which cannot access the server from which the pages need to be served.
Force https site to open with www or non-www version
To force https site to open with www.example.com or example.com (non-www version), use:
Forcing site to use www. hostname prefix
Edit <Virtualhost *:443> (By default located in /etc/httpd/conf.d/ssl.conf) to include
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www.example.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
Forcing site to use domain name without www hostname prefix
Edit <Virtualhost *:443> (By default located in /etc/httpd/conf.d/ssl.conf) to include
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.example\.com$
RewriteRule ^/?$ "http\:\/\/example\.com\/" [R=301,L]
Refer:
Home > CentOS > CentOS 6.x > Apache web server configuration > Redirecting site using apache configuration
