•  04-10-2022
  •  | 
  •  

Question

I want to redirect subdomains to https (when requests are arriving in http) but not for all. I'm using FuelPHP and I'm cleaning the url so that the index.php is not visible. I wrote this configuration, but that doesn't work as expected. HTTPS request are going through, but when requesting using HTTP the server fails sending an answer.

    $HTTP["host"] !~ "^(demo|faq|help|forums|mail|www)\.(domain\.com)$" {
    $HTTP["host"] =~ "^(.+\.)?(domain\.com)$" {
    $SERVER["socket"] == ":80" {
        url.redirect = ( "^/(.*)" => "https://%1/$1" )
    }
    $SERVER["socket"] == ":443" {
        ssl.engine = "enable" 
        ssl.pemfile = "/etc/lighttpd/certs/domain.com.pem"
    }
    server.document-root = "/home/domain/beta/public"
    server.errorlog = "/var/log/lighttpd/domain/beta/error.log"
    accesslog.filename = "/var/log/lighttpd/domain/beta/access.log"

    setenv.add-environment = ("FUEL_ENV" => "production")

    url.rewrite-once = (
        "/(.*)\.(.*)" => "$0",
        "/(js|ico|gif|jpg|png|swf|css|html)/" => "$0",
        "^/([^.]+)$" => "/index.php/$1")

    server.error-handler-404 = "/index.php"
  }
}

I have specific configuration for some subdomain (demo, faq, ...) which are filtered from beginning. All non filtered subdomains are dynamically manager by the application and thus MUST remained accessible but only under SSL.

Was it helpful?

Solution

I can't see all of your config so I can't say for sure if this will fix your problems.

Lighttpd should default to listening on port 80 so I haven't specified it.

# Ssl config shouldn't be in a conditional
$SERVER["socket"] == ":443" {
    ssl.engine = "enable" 
    ssl.pemfile = "/etc/lighttpd/certs/domain.com.pem"
}

$HTTP["host"] !~ "^(demo|faq|help|forums|mail|www)\.(domain\.com)$" {
    $HTTP["host"] =~ "^(.+\.)?(domain\.com)$" {
        # Use the doc specified method of detecting http
        $HTTP["scheme"] == "http" {
            # capture vhost name with regex conditiona -> %0 in redirect    pattern
            # must be the most inner block to the redirect rule
            $HTTP["host"] =~ ".*" {
                url.redirect = (".*" => "https://%0$0")
            }
        }
        ....
    }
}
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top