HTTPD Centos 7 Bad Request
Question
Well, I have a bizzard problem and this is the first time,
OS: Centos 7
Apache:
Server version: Apache / 2.4.6 (CentOS)
Server built: Aug 5 2020 16:41:29
My problem is as follows: I have no redirection in the httpd.cnf configuration file, nor in the hosts files, .htaccess cannot redirect to https.
all http requests returned error:
<! DOCTYPE HTML PUBLIC "- // IETF // DTD HTML 2.0 // EN">
<html> <head>
<title> 400 Bad Request </title>
</head> <body>
<h1> Bad Request </h1>
<p> Your browser sent a request that this server could not understand. <br />
Reason: You're speaking plain HTTP to an SSL-enabled server port. <br />
Instead use the HTTPS scheme to access this URL, please. <br />
</p>
</body> </html>
I created the unsafe.cnf file in the conf.d folder by putting this line: HTTPProtocolOptions unsafe . in my hosts, i have tested two solution :
1 - redirect to https :
<VirtualHost example.com:80>
SuexecUserGroup "#1008" "#1008"
ServerName example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost example.com:443>
SuexecUserGroup "#1008" "#1008"
ServerName example.com
DocumentRoot /directory/html
SSLEngine On
...
</VirtualHost>
2- Other Solution :
<VirtualHost example.com:80>
SuexecUserGroup "#1008" "#1008"
ServerName example.com
ServerAlias www.example.com
DocumentRoot /directory/html
...
</VirtualHost>
<VirtualHost example.com:443>
SuexecUserGroup "#1008" "#1008"
ServerName example.com
ServerAlias www.example.com
DocumentRoot /directory/html
SSLEngine On
...
</VirtualHost>
3- Solution :
in .htaccess :
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
So with this configuration or without like that's the server work fine with https and http return bad request.
With CURL :
# curl -sD - http://jelocalise.maroccrm.com
HTTP/1.1 400 Bad Request
Date: Fri, 30 Oct 2020 13:32:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Content-Length: 362
Connection: close
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
Instead use the HTTPS scheme to access this URL, please.<br />
</p>
</body></html>
NB : Sorry for my bad English
1 answers
solution1
1 2020-11-01 13:37:19
Reason: You're speaking plain HTTP to an SSL-enabled server port.
You somehow have configured HTTPS on port 80, which is usually used for plain HTTP. That's why the following succeeds:
$ curl -k https://jelocalise.maroccrm.com:80
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="author" content="Dolibarr Development Team">
....
Likely somewhere in your config (you only show a part) there is SSLEngine configured globally for port 80 or for some VirtualHost.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.