How do you redirect an HTTP request with a nonexistent subdirectory to HTTPS 404?

June 3, 2016 3.6k views
Apache DNS Ubuntu
bcanseco
By:
bcanseco

I'm having a similar issue as the user here. I'm running an Ubuntu 14.04.4 droplet and using Apache2 for the webserver.

My current redirect setup goes like this:

The last one is where the problem is. For some reason, my permanent HTTP to HTTPS redirect fails if a subdirectory or file is also part of the URL. On Chrome, I get redirected to a ERR_CONNECTION_REFUSED page for example.comdoesnt-exist (obviously not a real domain) over HTTPS. For that last case, I want to have it arrive at my catch-all 404 page over HTTPS.

Here's my 000-default.conf file (I'm not using an .htaccess file):

<VirtualHost *:80>
    ServerName example.com
    Redirect permanent / https://example.com
</VirtualHost>

<VirtualHost *:443>
    ServerName example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateFile <location here>
    SSLCertificateKeyFile <location here>

    SSLCACertificateFile <location here>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    ErrorDocument 404 /404.html
    ErrorDocument 400 /400.html
</VirtualHost>

<Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
</Directory>

I'm a newbie at this so there's probably an embarassing mistake in here

I greatly appreciate any help!

3 comments
  • bcanseco June 3, 2016

    I should clarify, I tried @sierracircle's solution (shown below) from the linked thread after setting up mod rewrite but didn't observe any changes after restarting Apache.

    #force https 
RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
  • sierracircle June 3, 2016

    Not sure how your SSL is set up, but since I started using LetsEncrypt I no longer have any issues at all with redirects...it sets it all up for you when you install your SSL certs.

    Start with your website as non-ssl, install LetsEncrypt, run it as root and near the end it will ask if you want your site to be all HTTPS or both HTTP and HTTPS. I choose "Only HTTPS" and it sets up everything for me. Restart Apache and whamo! works.

    Here are my notes for installing LetsEncrypt:

     git clone https://github.com/letsencrypt/letsencrypt

     cd letsencrypt
    once that is done, SSL your sites like so: 
    sudo   ./letsencrypt-auto --apache
    then 
    sudo crontab

    and add this to your root's crontab:

    ##auto-renew your letsencrypt certs
@daily /home/adam/letsencrypt/letsencrypt-auto renew
  • bcanseco June 4, 2016

    Thanks a lot! I've heard of Let's Encrypt before - I'm definitely going with them once this cert expires.
    Anyway, luckily I fiddled with this some more and found a simple solution. For anyone looking at this in the future:

    <VirtualHost *:80>
    ServerName example.com/ <--- add a slash here
    Redirect permanent / https://example.com/ <--- and here
</VirtualHost>

    Makes a lot of sense, really stupid that I overlooked this.

Log In to Comment
1 Answer
asb MOD January 31, 2018

This question was answered by @bcanseco:

Thanks a lot! I've heard of Let's Encrypt before - I'm definitely going with them once this cert expires.
Anyway, luckily I fiddled with this some more and found a simple solution. For anyone looking at this in the future:

<VirtualHost *:80>
   ServerName example.com/ <--- add a slash here
   Redirect permanent / https://example.com/ <--- and here
</VirtualHost>

Makes a lot of sense, really stupid that I overlooked this.

View the original comment

Reply
Have another answer? Share your knowledge.

Related Questions