stackoom
  简体   繁体   中英

Is there a uniform https redirect method that should work for both cPanel and VestaCP when apache htpasswd is enabled?

 原文  2021-07-05 04:24:47       apache/ https/ cpanel/ vestacp

Question

I operate websites that run under both VestaCP and cPanel. While developing the sites I set up htpassword protection, the password syntax like this:

AuthType Basic
AuthUserFile /home/the-account/htpasswd
AuthName "Restricted"
Require valid-user

For redirection to get everything to redirect to https://www.the-website... I use:

RewriteEngine on
RewriteBase /

Options +FollowSymlinks

# Redirect http to https

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.website.ext$1 [R,L]

The redirect lines work perfectly if password protection is not enabled. All of:

website.ext
www.website.ext
http://website.ext

redirect to:

https://www.website.ext (the goal)

However the behavior is different in VestaCP vs cPanel and breaks severly in cPanel. In vesta when you visit the url like website.ext it displays the apache login screen and first you have to sign in as http:// then a second time as https://www. but it works and you end up at the goal.

With cPanel it breaks. If you attempt to sign in as any of those unfully qualified URLs you end up at a timeout, not found page, something like:

www.website.ext401.shtml.

The ext and 401.html are run together as you see above. The primary page error is: The site can't be reached. If you attempt to sign in as https://www.website.ext it works perfectly.

Fixing the cPanel problem is important, VestaCP would be nice.

1 answers

solution1
 0  2021-07-24 22:59:31

With great help from a contractor friend here is the solution that we came up with which I have set up on multiple live and development (restricted-access) websites:

Error Document line at the first line of the file solves the "ErrorDocument 401" problem in cPanel when Apache password restriction is enabled

$website.$ext ==> your-website.com
$account ==> account folder of the home directory where the htpasswd file is stored; /home/home-folder

-------------- snip --------------- 

ErrorDocument 401 default 

# Redirect http to https 

  RewriteCond %{HTTPS} off [OR]
  RewriteCond %{HTTP_HOST} !^www\. [NC]
  RewriteRule ^(.*)$ https://www.$website.$ext/$1 [L,R=301]

# BEGIN-APACHE-RESTRICTION
<If " %{HTTPS} != 'off' && %{HTTP_HOST} == 'www.$website.$ext'">
  AuthType Basic
  AuthUserFile /home/$account/htpasswd
  AuthName "restricted area"
  Require valid-user
</If>
# END-APACHE-RESTRICTION

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Apache Vhosts HTTP and HTTPS (both) redirect to another domain htaccess redirect failed when using htpasswd authentication https to http htaccess redirect not working when SSL enabled How to redirect to https cpanel that has multiple domain apache redirect http to https doesn't work with safari and chrome ios apache redirect HTTPS to canonical HTTPS Apache Redirect & HTTPS Apache2 Force redirect to HTTPS doesn't work apache .htcaccess redirect to https apache http: redirect to https:
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM