Apache 2 configuration tips
Handy or rarely used Apache 2 setups.
This howto is tested on:
- Debian 6.0 Squeeze
Prerequisites
This howto needs a Apache2 HTTP server installed as described in Install and setup Apache 2 on Debian.
Configurations
Debug RewriteRule rules
In order to debug RewriteRules rules, add these lines to the configuration of debugged VirtualHost:
RewriteLog /var/log/apache2/rewrite.log
RewriteLogLevel 5
Reload the server configuration:
/etc/init.d/apache2 reload
Open the log file:
command tail -f "/var/log/apache2/rewrite.log"
Reload the HTTP request to analyze.
Disable the HTTPS for a given URL
Provide the site domain name:
DOMAIN="www.domain.com"
It is simple to redirect all of HTTP requests to the HTTPS version of a site with a "Redirect Permanent" rule such a the one created by:
command a2tools -t "redirect" "${DOMAIN}" "https://${DOMAIN}/"
To disable this redirection for a unique URL, use :
command a2tools add-custom "${DOMAIN}" " # Redirect everything but one URL match to https.
RewriteEngine On
RewriteCond "%{REQUEST_URI}?%{QUERY_STRING}" !^/public.php\?op=rss
RewriteRule ^/(.*) https://${DOMAIN}/\$1 [R=301,L]
# The root folder of this virtual host.
DocumentRoot /opt/${DOMAIN}
# Some options for the root folder.
# Read Apache 2 documentation to know exactly what is done.
<Directory /opt/${DOMAIN}>
Options Indexes FollowSymLinks MultiViews
# If you want to enable overrides, you should read:
# http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride
AllowOverride Limit
Order allow,deny
Allow from all
</Directory>"
Replace "/public.php\?op=rss" by the URL mask corresponding to the request you want to keep on HTTP.
Remove "?%{QUERY_STRING}" if the URL with redirection does not use GET parameters.
Redirect a HTTP access to HTTPS and keeping the host name
To automaticaly redirect HTTP accesses to a range of sub-domains to their HTTPS equivalents, provide the main domain name (used to name the created VirtualHost file):
DOMAIN="suffix.domain.com"
Provide the sub-domains to redirect selector (* select everything):
OTHER_DOMAINS="*-suffix.domain.com"
Create the setup redirecting all domains to their HTTPS equivalent (the line providing the redirection is bolded):
command a2tools add-custom --alias "${OTHER_DOMAINS}" "${DOMAIN}" "
<IfModule mod_rewrite.c>
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
# Redirect every body to the HTTPS site.
# This make sure that all users use secure version of the site.
# Note the "permanent" : It is good for search engine optimization :D.
Redirect permanent / https://${DOMAIN}/
# This Location directives allow users to access the redirection.
# Do not remove this if you want your site to work.
<Location />
Order deny,allow
Allow from all
</Location>"