Apache, non-WWW to WWW (HTTPS/Secure) and Let's Encrypt

August 10, 2019 54 views
Apache Configuration Management Let's Encrypt Ubuntu 18.04

Okay, so I've been able to install a Let's Encrypt cert on my site, and I want all variations of my domain name to go to https://www.

I've been able to redirect the insecure http versions (both www and non-www) to the https://www version, but I cannot figure out how to get the https://[non-www] version to redirect. All I get is an internal 500 error.

Normally, I use the one config file to handle everything, but since Let's Encrypt generated it's own config, I'm unsure what to do.

Here is my "normal" config file; basic and just "gets the job done".

UseCanonicalName On

<VirtualHost *:80>
  ServerName www.domain.co.uk
  ServerAlias domain.co.uk
  DocumentRoot /var/www/html/domain
  Redirect permanent / https://www.domain.co.uk
</VirtualHost>

Here's my Let's Encrypt.

<IfModule mod_ssl.c>
  <VirtualHost *:443>
    ServerAdmin admin@domain.co.uk

    ServerName www.domain.co.uk
    ServerAlias domain.co.uk

    DocumentRoot /var/www/html/domain

    <Directory /var/www/html/domain/>
      Options FollowSymLinks
      AllowOverride All
      Require all granted

      # Redirect non-www to www
      RewriteEngine On

      RewriteCond %{HTTP_HOST} !^www\. [NC]
      RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/domain.co.uk/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/domain.co.uk/privkey.pem
  </VirtualHost>
</IfModule>

Where I've got the "Redirect non-www to www are the few lines where I've tried to make the changes.

I've been struggling on this for months, and I'm just out of ideas.

I have tried a CNAME record for www, and now I have A Records for @.domain and www.domain.

My htaccess file for the site is simply used for the actual site and files (because WordPress), and I'd rather keep it that way.

1 Answer
bobbyiliev MOD August 12, 2019
Accepted Answer

Hello,

I have a good news for you! The fix is realy easy, all you need to do is to move the RewriteRule just out of the <Directory></Directory> block.

So it would look something like this:

<IfModule mod_ssl.c>
  <VirtualHost *:443>
    ServerAdmin admin@domain.co.uk

    ServerName www.domain.co.uk
    ServerAlias domain.co.uk

    DocumentRoot /var/www/html/domain

    <Directory /var/www/html/domain/>
      Options FollowSymLinks
      AllowOverride All
      Require all granted
    </Directory>

    # Redirect non-www to www
    RewriteEngine On

    RewriteCond %{HTTP_HOST} !^www\. [NC]
    RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/domain.co.uk/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/domain.co.uk/privkey.pem
  </VirtualHost>
</IfModule>

I've tested this with my site and I can confirm that it definitely works!

As always, make sure to backup your config and to run a config test before restarting Apache.

Hope that this helps!
Regards,
Bobby

Have another answer? Share your knowledge.