How do you redirect an HTTP request with a nonexistent subdirectory to HTTPS 404?

June 3, 2016 975

Apache DNS Ubuntu

I'm having a similar issue as the user here. I'm running an Ubuntu 14.04.4 droplet and using Apache2 for the webserver.

My current redirect setup goes like this:

http://example.com --> https://example.com works
http://doesnt-exist.example.com --> https://example.com works
https://example.com/doesnt-exist --> https://example.com/404 works
http://example.com/doesnt-exist --> example.comdoesnt-exist ERROR

The last one is where the problem is. For some reason, my permanent HTTP to HTTPS redirect fails if a subdirectory or file is also part of the URL. On Chrome, I get redirected to a ERR_CONNECTION_REFUSED page for example.comdoesnt-exist (obviously not a real domain) over HTTPS. For that last case, I want to have it arrive at my catch-all 404 page over HTTPS.

Here's my 000-default.conf file (I'm not using an .htaccess file):

<VirtualHost *:80>
    ServerName example.com
    Redirect permanent / https://example.com
</VirtualHost>

<VirtualHost *:443>
    ServerName example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateFile <location here>
    SSLCertificateKeyFile <location here>

    SSLCACertificateFile <location here>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    ErrorDocument 404 /404.html
    ErrorDocument 400 /400.html
</VirtualHost>

<Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
</Directory>

I'm a newbie at this so there's probably an embarassing mistake in here

I greatly appreciate any help!

3 comments

bcanseco June 3, 2016
I should clarify, I tried @sierracircle's solution (shown below) from the linked thread after setting up mod rewrite but didn't observe any changes after restarting Apache.

#force https RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
sierracircle June 3, 2016
Not sure how your SSL is set up, but since I started using LetsEncrypt I no longer have any issues at all with redirects...it sets it all up for you when you install your SSL certs.

Start with your website as non-ssl, install LetsEncrypt, run it as root and near the end it will ask if you want your site to be all HTTPS or both HTTP and HTTPS. I choose "Only HTTPS" and it sets up everything for me. Restart Apache and whamo! works.

Here are my notes for installing LetsEncrypt:

git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
once that is done, SSL your sites like so:
sudo ./letsencrypt-auto --apache
then
sudo crontab

and add this to your root's crontab:

##auto-renew your letsencrypt certs @daily /home/adam/letsencrypt/letsencrypt-auto renew
bcanseco June 4, 2016
Thanks a lot! I've heard of Let's Encrypt before - I'm definitely going with them once this cert expires.
Anyway, luckily I fiddled with this some more and found a simple solution. For anyone looking at this in the future:

<VirtualHost *:80> ServerName example.com/ <--- add a slash here Redirect permanent / https://example.com/ <--- and here </VirtualHost>

Makes a lot of sense, really stupid that I overlooked this.

Share

Share your Question

How do you redirect an HTTP request with a nonexistent subdirectory to HTTPS 404?

Leave a Comment

Related Questions

Almost there!

Report a Bug