Https not redirecting on apache 2 virtual hosts (SSL by certbot)

janbo

New Member
Credits
30
Hello everyone,
I have my pi running debian buster. I set up a cloud with the subdomain cloud.example.com and a website as example.com. I installed SSL using certbot. It seems all to be working except that if I type http://www.example.com it doesn't rewrite to https://www.example.com. All other rewrite rules are working fine. What could be the problem that the www.example.com doesn't automatically redirect?

I have the files in the folder /etc/apache2/sites-available:
1. www.example.com.conf:
Apache config:
<VirtualHost *:80>
    ServerAdmin [email protected]
    ServerName www.example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example.com/public_html
    ErrorLog ${APACHE_LOG_DIR}/example.com_error.log
    CustomLog ${APACHE_LOG_DIR}/example.com_access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
2. example.com.conf
Apache config:
<VirtualHost *:80>
    ServerAdmin [email protected]
    ServerName example.com
    ServerAlias example.com
    DocumentRoot /var/www/example.com/public_html
    ErrorLog ${APACHE_LOG_DIR}/example.com_error.log
    CustomLog ${APACHE_LOG_DIR}/example.com_access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
3. nextcloud.conf
Apache config:
Alias /nextcloud "/var/www/nextcloud/"

<Directory /var/www/nextcloud/>
  Require all granted
  AllowOverride All
  Options FollowSymLinks MultiViews

  <IfModule mod_dav.c>
    Dav off
  </IfModule>
</Directory>

<VirtualHost *:80>
    ServerAdmin [email protected]
    DocumentRoot /var/www/nextcloud
    ServerName cloud.example.com
    ServerAlias cloud.example.com
    ErrorLog ${APACHE_LOG_DIR}/nextcloud_error.log
    CustomLog ${APACHE_LOG_DIR}/nextcloud_access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =cloud.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
Thanks for your help already!
 


f33dm3bits

Gold Member
Gold Supporter
Credits
24,603
This part has nothing to do with https but I think you misplaced the alias and the directory in #3 those should be within the virtualhost directives. I only have this for my nextcloud vhost to redirect http to https, try if it works for you.
Code:
RewriteEngine on
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
I used the Mozilla SSL Configuration Generator.
 
Last edited:
  • Like
Reactions: Rob

janbo

New Member
Credits
30
I think you missed a part of the nextcloud vhost since I it's missing an opening of the virtualhost. I only have this for my nextcloud vhost to redirect http to https, try if it works for you.
Code:
RewriteEngine on
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
I used the Mozilla SSL Configuration Generator.
How do you mean missing the opening? With the nextcloud subdomain everything is working fine just the "maindomain" with the www (www.example.com) wont redirect to https... The error occurs only if I change the https to http and then reload the site then it loads the site but as "unsecure". If I change it back to https it works as normal with the certificate again....

I reduced the VH now to only two files but there is still the same issue occuring that www.example.com isnt getting redirected from http to https:
1. example.com.conf
Apache config:
<VirtualHost *:80>
    ServerAdmin [email protected]
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example.com/public_html
    ErrorLog ${APACHE_LOG_DIR}/example.com_error.log
    CustomLog ${APACHE_LOG_DIR}/example.com_access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
2. nextcloud.conf
Apache config:
Alias /nextcloud "/var/www/nextcloud/"

<Directory /var/www/nextcloud/>
  Require all granted
  AllowOverride All
  Options FollowSymLinks MultiViews

  <IfModule mod_dav.c>
    Dav off
  </IfModule>

</Directory>


<VirtualHost *:80>
    ServerAdmin [email protected]
    DocumentRoot /var/www/nextcloud
    ServerName cloud.example.com
    ServerAlias cloud.example.com
    ErrorLog ${APACHE_LOG_DIR}/nextcloud_error.log
    CustomLog ${APACHE_LOG_DIR}/nextcloud_access.log combined
RewriteEngine on
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
Do you think it could have something to do with the two ssl config files generated by the certbot?
3. example.com-le-ssl.conf
Apache config:
<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerAdmin [email protected]
    DocumentRoot /var/www/nextcloud
    ServerName cloud.example.com
    ServerAlias cloud.example.com
    ErrorLog ${APACHE_LOG_DIR}/nextcloud_error.log
    CustomLog ${APACHE_LOG_DIR}/nextcloud_access.log combined

Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
4. nextcloud-le-ssl.conf
Apache config:
<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerAdmin [email protected]
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example.com/public_html
    ErrorLog ${APACHE_LOG_DIR}/example.com_error.log
    CustomLog ${APACHE_LOG_DIR}/example.com_access.log combined

SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
 
Last edited:

f33dm3bits

Gold Member
Gold Supporter
Credits
24,603

KGIII

Super Moderator
Staff member
Gold Supporter
Credits
26,277
This is part of my htaccess from a music site that I operate:

Code:
# Force HTTPS
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://musicfor.us/$1 [R,L]
That works for me.

Bonus:

If you want to do HSTS then add also:

Code:
<IfModule mod_headers.c>
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" env=HTTPS
</IfModule>
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Members online


Top