Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
03-31-2011, 03:29 PM
|
#1
|
LQ Newbie
Registered: Sep 2009
Posts: 20
Rep:
|
Need some mod rewrite help
Hello everybody. I have a java web application running on tomcat which uses mod_jk to forward servlet requests to tomcat. I recently setup SSL on on my apache server for obvious security reasons. I have also setup a rewrite rule to redirect all http traffic to https. I am accomplishing this with the following...
<VirtualHost mydomain.com:80>
ServerName mydomain.com
DocumentRoot /opt/dev/apache2/htdocs/
JkMount /* worker1
JkUnMount /*/static/* worker1
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
With this setup all of the static content is being served out via https which is simply not necessary. I would like to build some sort of rewrite rule that would enable anything in /*/static/* to be served out via regular http. I have been reading about mod rewrite but have not come up with a way to do this. Hopefully somebody on here can offer some insight.
Thanks!
|
|
|
03-31-2011, 06:03 PM
|
#2
|
LQ Guru
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,214
|
Hi,
Just add another RewriteCond:
Code:
RewriteCond %{REQUEST_URI} !^/(.*)/static
so only if both conditions are true you have the rewrite to https
Regards
|
|
|
04-01-2011, 08:27 AM
|
#3
|
Moderator
Registered: Jan 2005
Location: Central Florida 20 minutes from Disney World
Distribution: SlackwareŽ
Posts: 13,960
|
Moved: This thread is more suitable in <Linux-Server> and has been moved accordingly to help your thread/question get the exposure it deserves.
|
|
|
04-01-2011, 12:33 PM
|
#4
|
LQ Newbie
Registered: Sep 2009
Posts: 20
Original Poster
Rep:
|
Bathory, I tried your suggestion but all the static content is still being served out through https. Here is my complete configuration for my virtual hosts maybe you or somebody else can see what I am missing here.
<VirtualHost mydomain.com:80>
ServerName mydomain.com
DocumentRoot /opt/dev/apache2/htdocs/
JkMount /* worker1
JkUnMount /*/static/* worker1
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/(.*)/static [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<VirtualHost mydomain.com:443>
ServerName mydomain.com
DocumentRoot /opt/dev/apache2/htdocs/
JkMount /* worker1
JkUnMount /*/static/* worker1
#Turn on SSL
SSLEngine on
#SSL Cipher Suite
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
#Server Certificate
SSLCertificateFile "/opt/dev/apache2/openssl/mydomain.com.crt
#Server Private Key
SSLCertificateKeyFile "/opt/dev/apache2/openssl/mydomain.key.nopass
#Server Certificate Chain
SSLCACertificateFile "/opt/dev/apache2/openssl/gd_bundle.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/opt/dev/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog "/opt/dev/apache2/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/(.*)/static [NC]
RewriteRule (.*) http://%(HTTP_HOST}%{REQUEST_URI} [L]
</VirtualHost>
|
|
|
04-01-2011, 04:24 PM
|
#5
|
LQ Guru
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,214
|
Hi,
Could you please give more details?
The rewrite works for URLs like http://mydomain.com/whatever/static (where /whatever/ could be anything, like /foo/ or /foo/bar/ etc). This is what I presumed from the "JkUnMount /*/static/* worker1". If you want the rewrite to work for http://mydomain.com/static then use:
Code:
RewriteCond %{REQUEST_URI} !^/static
Regards
|
|
|
04-01-2011, 05:48 PM
|
#6
|
LQ Newbie
Registered: Sep 2009
Posts: 20
Original Poster
Rep:
|
Ok this is what I am trying to do...
The java webapp gets deployed several times to tomcat under different contexts. When I do an ant build it is setup to zip up all the static content of the website such as the images, css files, javascript etc. So for example if i deployed the webapp under "foo" and under "bar" the directory structure within apache would be http://mydomain.com/foo/static/outer/header.jpg and http://mydomain.com/bar/static/outer/header.jpg. It is setup this way because apache can serve out the static content much fast than the tomcat can. This also allows me to have a different set of static content for each of the deployed web apps. So now i am trying to serve all of the static content via http since there is no need to encrypt that data.
|
|
|
04-01-2011, 06:38 PM
|
#7
|
LQ Guru
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,214
|
So the first RewriteCond (post #2) should work (meaning that there exist the directories /opt/dev/apache2/htdocs/foo/static and /opt/dev/apache2/htdocs/bar/static). Are you sure about those URLs? And did you cleared your browser cache during testing?
|
|
|
04-04-2011, 12:58 PM
|
#8
|
LQ Newbie
Registered: Sep 2009
Posts: 20
Original Poster
Rep:
|
Quote:
Originally Posted by bathory
So the first RewriteCond (post #2) should work (meaning that there exist the directories /opt/dev/apache2/htdocs/foo/static and /opt/dev/apache2/htdocs/bar/static). Are you sure about those URLs? And did you cleared your browser cache during testing?
|
Yes, I am sure about those directories and I did clear my browser cache. When I applied the rewrite rules from post #2 the CSS files and images are no longer loaded and what is even stranger is they still show up in the ssl_access_log while nothing comes through on the http_access_log. Not sure whats going on here
|
|
|
04-04-2011, 01:58 PM
|
#9
|
LQ Guru
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,214
|
Hi,
When you say that static files are not loaded, do you get a 404 or other error? Have a look at error_log to see where apache is looking for these files.
Also comment out the rewrite stuff in the ssl vhost, as it's not actually needed and could give some unpredictable behavior.
|
|
|
04-04-2011, 06:28 PM
|
#10
|
LQ Newbie
Registered: Sep 2009
Posts: 20
Original Poster
Rep:
|
Quote:
Originally Posted by bathory
Hi,
When you say that static files are not loaded, do you get a 404 or other error? Have a look at error_log to see where apache is looking for these files.
Also comment out the rewrite stuff in the ssl vhost, as it's not actually needed and could give some unpredictable behavior.
|
Here is the error I get in the error_log. There are hundreds more just like this one.
File does not exist: /opt/dev/apache2/htdocs/foo/static/js/ajaxupload.js, referer: https://mydomain.com/foo/professional/profile.cgi
|
|
|
04-04-2011, 08:47 PM
|
#11
|
LQ Newbie
Registered: Sep 2009
Posts: 20
Original Poster
Rep:
|
Alright I figured out the problem. I am not sure why but the variable %{HTTP_HOST} was not resolving to anything so i just typed out the host in the rewrite rule this is what I have now which works perfectly.
<VirtualHost mydomain.com:443>
ServerName mydomain.com
DocumentRoot /opt/dev/apache2/htdocs/
JkMount /* worker1
JkUnMount /*/static/* worker1
#Turn on SSL
SSLEngine on
#SSL Cipher Suite
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
#Server Certificate
SSLCertificateFile "/opt/dev/apache2/openssl/mydomain.com.crt
#Server Private Key
SSLCertificateKeyFile "/opt/dev/apache2/openssl/mydomain.key.nopass
#Server Certificate Chain
SSLCACertificateFile "/opt/dev/apache2/openssl/gd_bundle.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/opt/dev/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog "/opt/dev/apache2/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
RewriteEngine On
RewriteLog /opt/dev/apache2/logs/mod_rewrite
RewriteLogLevel 5
RewriteCond %{REQUEST_URI} ^/(.*)/static [NC]
RewriteRule (.*) http://mydomain.com%{REQUEST_URI}
</VirtualHost>
|
|
|
All times are GMT -5. The time now is 12:39 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|