将* .example.com和example.com重定向到HTTPS的www.example.com时出现问题
[英]Problem with redirecting *.example.com & example.com to www.example.com for HTTPS
问题描述
We have a site I'll call example.com. 
我们有一个网站,我将其称为example.com。 Most of the time you see http://www.example.com and sometimes we redirect you to https://www.example.com . 大多数情况下,您会看到http://www.example.com ,有时我们会将您重定向到https://www.example.com 。
We want to redirect anyone going to http://example.com or http://*.example.com to http://www.example.com , and the same for https. 我们要将重定向到http://example.com或http://*.example.com的任何人重定向到http://www.example.com ,并将https重定向。 (It's mainly to avoid the alert you get if you go to https://example.com instead of https://www.example.com ) (主要是避免访问https://example.com而不是https://www.example.com时收到的警报)
Our vhost file is at the end of the post. 我们的虚拟主机文件在文章末尾。 It works nicely except for one strange behavior: 除一种奇怪的行为外 ,它运行良好:
- http://example.com -> successfully redirects to http://www.example.com http://example.com- >成功重定向到http://www.example.com
- http://www.example.com -> successfully does not redirect http://www.example.com- >成功未重定向
- http://foo.example.com -> successfully redirects to http://www.example.com http://foo.example.com- >成功重定向到http://www.example.com
- https://example.com -> successfully redirects to https://www.example.com https://example.com- >成功重定向到https://www.example.com
- https://www.example.com -> successfully does not direct https://www.example.com- >无法成功定向
- https://foo.example.com -> ERROR - redirects to http://www.example.com https : //foo.example.com- > 错误 -重定向到http://www.example.com
It's this last result I can't fathom. 这是我无法理解的最后结果。 I've tried a lot of trial and error solutions from Google & Stack Overflow but nothing seems to change it. 我已经尝试了Google&Stack Overflow的许多反复试验解决方案,但似乎没有任何改变。 Even if we swap the order of the configurations (so that 443 is before 80) it still redirects https://foo.example.com to http://www.example.com 即使我们交换配置顺序(因此443在80之前),它仍然会将https://foo.example.com重定向到http://www.example.com
We are running Apache/2.2.12 on Ubuntu. 我们在Ubuntu上运行Apache / 2.2.12。
Here's the configuration file: 这是配置文件:
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com *.example.com
ServerSignature On
DocumentRoot /var/www/example.com/public
RailsEnv 'production'
PassengerHighPerformance on
<Directory /var/www/example.com/public>
AllowOverride all
Options -MultiViews
</Directory>
SSLEngine Off
CustomLog /var/log/apache2/example.log combined
ErrorLog /var/log/apache2/example-error.log
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^[^\./]+\.[^\./]+$
RewriteRule ^/(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
</VirtualHost>
<VirtualHost *:443>
ServerName www.example.com
ServerAlias example.com *.acome.com
DocumentRoot /var/www/example.com/public
RailsEnv 'production'
PassengerHighPerformance on
<Directory /var/www/example.com/public>
AllowOverride all
Options -MultiViews
</Directory>
SSLCertificateFile /etc/ssl/certs/www.example.com.crt
SSLCertificateKeyFile /etc/ssl/private/example.com.private.key
SSLCACertificateFile /etc/ssl/certs/EV_intermediate.crt
SSLEngine On
CustomLog /var/log/apache2/ssl-example.log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ErrorLog /var/log/apache2/ssl-example-error.log
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^[^\./]+\.[^\./]+$
RewriteRule ^/(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
</VirtualHost>
2 个解决方案
解决方案1
0 2010-05-13 22:53:30
ServerAlias acme.com *.acome.com
Is that the problem right there? 那是那里的问题吗? You have misspelled your domain name. 您的域名拼写错误。
解决方案2
0 已采纳 2010-05-14 15:18:48
Thanks to everyone who took the time to read the question, or (even better) to try and help. 感谢所有花时间阅读问题或者(甚至更好)尝试和帮助的人。 It's what makes Stack Overflow such a useful resource. 这就是使Stack Overflow如此有用的资源的原因。
We re-read TFM, learnt a bit more about Apache rewrite and here's the answer. 我们重新阅读了TFM,了解了有关Apache重写的更多信息,这就是答案。
Problem #1: The rewrite rules (taken from Google) were designed to only redirect acme.com to www.acme.com, not any other sub-domain. 问题1:重写规则(取自Google)仅用于将acme.com重定向到www.acme.com,而不能将任何其他子域重定向。
Problem #2: For some reason, Chrome was redirecting to http://www.acme.com by itself. 问题2:由于某种原因,Chrome本身已重定向到http://www.acme.com 。 When we removed the rewrite rules completely, the described behavior still happened. 当我们完全删除重写规则时,描述的行为仍然发生。
Solution: Change the rewrite rules to actually catch any sub-domain other than www. 解决方案:更改重写规则以实际捕获除www之外的任何子域。
See below for a working solution. 请参阅下面的可行解决方案。
There remains one issue. 仍然存在一个问题。 if you go to https://acme.com (or any sub-domain), some browsers will throw a warning saying the SSL certification does not match before redirecting you. 如果您访问https://acme.com (或任何子域),某些浏览器将在重定向您之前发出警告,指出SSL认证不匹配。 The only way to fix this is to get a wildcard cert. 解决此问题的唯一方法是获取通配符证书。 As we're using an Extended Validation cert that was already very expensive we're just going to have to live with that warning for now. 由于我们使用的扩展验证证书本来就非常昂贵,因此现在我们只需要忍受该警告即可。 Would love to hear about any workarounds that would avoid showing an invalid cert warning before redirection. 很想知道在重定向之前避免显示无效证书警告的任何解决方法。
<VirtualHost *:80>
ServerName www.acme.com
ServerAlias acme.com *.acme.com
ServerSignature On
DocumentRoot /var/www/acme.com/public
RailsEnv 'production'
PassengerHighPerformance on
<Directory /var/www/acme.com/public>
AllowOverride all
Options -MultiViews
</Directory>
SSLEngine Off
CustomLog /var/log/apache2/acme.log combined
ErrorLog /var/log/apache2/acme-error.log
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/(stats/|missing\.html|failed_auth\.html|error/).* [NC]
RewriteRule .* - [L]
RewriteCond %{ENV:REDIRECT_STATUS} 200
RewriteRule .* - [L]
RewriteCond %{HTTP_HOST} !^www\.[a-z-]+\.[a-z]{2,6} [NC]
RewriteCond %{HTTP_HOST} ([a-z-]+\.[a-z]{2,6})$ [NC]
RewriteRule ^/(.*)$ http://www.%1/$1 [R=301,L]
</VirtualHost>
<VirtualHost *:443>
ServerName www.acme.com
ServerAlias acme.com *.acme.com
DocumentRoot /var/www/acme.com/public
RailsEnv 'production'
PassengerHighPerformance on
<Directory /var/www/acme.com/public>
AllowOverride all
Options -MultiViews
</Directory>
SSLCertificateFile /etc/ssl/certs/www.acme.com.crt
SSLCertificateKeyFile /etc/ssl/private/acme.com.private.key
SSLCACertificateFile /etc/ssl/certs/EV_intermediate.crt
SSLEngine On
CustomLog /var/log/apache2/ssl-acme.log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ErrorLog /var/log/apache2/ssl-acme-error.log
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} ^/(stats/|missing\.html|failed_auth\.html|error/).* [NC]
RewriteRule .* - [L]
RewriteCond %{ENV:REDIRECT_STATUS} 200
RewriteRule .* - [L]
RewriteCond %{HTTP_HOST} !^www\.[a-z-]+\.[a-z]{2,6} [NC]
RewriteCond %{HTTP_HOST} ([a-z-]+\.[a-z]{2,6})$ [NC]
RewriteRule ^/(.*)$ https://www.%1/$1 [R=301,L]
</VirtualHost>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.