LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 03-31-2011, 03:29 PM   #1
carters2
LQ Newbie
 
Registered: Sep 2009
Posts: 20

Rep: Reputation: 1
Need some mod rewrite help


Hello everybody. I have a java web application running on tomcat which uses mod_jk to forward servlet requests to tomcat. I recently setup SSL on on my apache server for obvious security reasons. I have also setup a rewrite rule to redirect all http traffic to https. I am accomplishing this with the following...

<VirtualHost mydomain.com:80>
ServerName mydomain.com
DocumentRoot /opt/dev/apache2/htdocs/

JkMount /* worker1
JkUnMount /*/static/* worker1

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>

With this setup all of the static content is being served out via https which is simply not necessary. I would like to build some sort of rewrite rule that would enable anything in /*/static/* to be served out via regular http. I have been reading about mod rewrite but have not come up with a way to do this. Hopefully somebody on here can offer some insight.

Thanks!
 
Old 03-31-2011, 06:03 PM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,214
Blog Entries: 1

Rep: Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067
Hi,

Just add another RewriteCond:
Code:
RewriteCond %{REQUEST_URI} !^/(.*)/static
so only if both conditions are true you have the rewrite to https

Regards
 
Old 04-01-2011, 08:27 AM   #3
onebuck
Moderator
 
Registered: Jan 2005
Location: Central Florida 20 minutes from Disney World
Distribution: SlackwareŽ
Posts: 13,960
Blog Entries: 46

Rep: Reputation: 3188Reputation: 3188Reputation: 3188Reputation: 3188Reputation: 3188Reputation: 3188Reputation: 3188Reputation: 3188Reputation: 3188Reputation: 3188Reputation: 3188
Moved: This thread is more suitable in <Linux-Server> and has been moved accordingly to help your thread/question get the exposure it deserves.
 
Old 04-01-2011, 12:33 PM   #4
carters2
LQ Newbie
 
Registered: Sep 2009
Posts: 20

Original Poster
Rep: Reputation: 1
Bathory, I tried your suggestion but all the static content is still being served out through https. Here is my complete configuration for my virtual hosts maybe you or somebody else can see what I am missing here.

<VirtualHost mydomain.com:80>
ServerName mydomain.com
DocumentRoot /opt/dev/apache2/htdocs/

JkMount /* worker1
JkUnMount /*/static/* worker1

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/(.*)/static [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>

<VirtualHost mydomain.com:443>
ServerName mydomain.com
DocumentRoot /opt/dev/apache2/htdocs/

JkMount /* worker1
JkUnMount /*/static/* worker1

#Turn on SSL
SSLEngine on

#SSL Cipher Suite
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

#Server Certificate
SSLCertificateFile "/opt/dev/apache2/openssl/mydomain.com.crt

#Server Private Key
SSLCertificateKeyFile "/opt/dev/apache2/openssl/mydomain.key.nopass

#Server Certificate Chain
SSLCACertificateFile "/opt/dev/apache2/openssl/gd_bundle.crt

<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/opt/dev/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>

BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog "/opt/dev/apache2/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

RewriteEngine On
RewriteCond %{REQUEST_URI} ^/(.*)/static [NC]
RewriteRule (.*) http://%(HTTP_HOST}%{REQUEST_URI} [L]
</VirtualHost>
 
Old 04-01-2011, 04:24 PM   #5
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,214
Blog Entries: 1

Rep: Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067
Hi,

Could you please give more details?
The rewrite works for URLs like http://mydomain.com/whatever/static (where /whatever/ could be anything, like /foo/ or /foo/bar/ etc). This is what I presumed from the "JkUnMount /*/static/* worker1". If you want the rewrite to work for http://mydomain.com/static then use:
Code:
RewriteCond %{REQUEST_URI} !^/static
Regards
 
Old 04-01-2011, 05:48 PM   #6
carters2
LQ Newbie
 
Registered: Sep 2009
Posts: 20

Original Poster
Rep: Reputation: 1
Ok this is what I am trying to do...

The java webapp gets deployed several times to tomcat under different contexts. When I do an ant build it is setup to zip up all the static content of the website such as the images, css files, javascript etc. So for example if i deployed the webapp under "foo" and under "bar" the directory structure within apache would be http://mydomain.com/foo/static/outer/header.jpg and http://mydomain.com/bar/static/outer/header.jpg. It is setup this way because apache can serve out the static content much fast than the tomcat can. This also allows me to have a different set of static content for each of the deployed web apps. So now i am trying to serve all of the static content via http since there is no need to encrypt that data.
 
Old 04-01-2011, 06:38 PM   #7
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,214
Blog Entries: 1

Rep: Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067
Quote:
So for example if i deployed the webapp under "foo" and under "bar" the directory structure within apache would be http://mydomain.com/foo/static/outer/header.jpg and http://mydomain.com/bar/static/outer/header.jpg.
So the first RewriteCond (post #2) should work (meaning that there exist the directories /opt/dev/apache2/htdocs/foo/static and /opt/dev/apache2/htdocs/bar/static). Are you sure about those URLs? And did you cleared your browser cache during testing?
 
Old 04-04-2011, 12:58 PM   #8
carters2
LQ Newbie
 
Registered: Sep 2009
Posts: 20

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by bathory View Post
So the first RewriteCond (post #2) should work (meaning that there exist the directories /opt/dev/apache2/htdocs/foo/static and /opt/dev/apache2/htdocs/bar/static). Are you sure about those URLs? And did you cleared your browser cache during testing?
Yes, I am sure about those directories and I did clear my browser cache. When I applied the rewrite rules from post #2 the CSS files and images are no longer loaded and what is even stranger is they still show up in the ssl_access_log while nothing comes through on the http_access_log. Not sure whats going on here
 
Old 04-04-2011, 01:58 PM   #9
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,214
Blog Entries: 1

Rep: Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067
Hi,

When you say that static files are not loaded, do you get a 404 or other error? Have a look at error_log to see where apache is looking for these files.
Also comment out the rewrite stuff in the ssl vhost, as it's not actually needed and could give some unpredictable behavior.
 
Old 04-04-2011, 06:28 PM   #10
carters2
LQ Newbie
 
Registered: Sep 2009
Posts: 20

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by bathory View Post
Hi,

When you say that static files are not loaded, do you get a 404 or other error? Have a look at error_log to see where apache is looking for these files.
Also comment out the rewrite stuff in the ssl vhost, as it's not actually needed and could give some unpredictable behavior.
Here is the error I get in the error_log. There are hundreds more just like this one.

File does not exist: /opt/dev/apache2/htdocs/foo/static/js/ajaxupload.js, referer: https://mydomain.com/foo/professional/profile.cgi
 
Old 04-04-2011, 08:47 PM   #11
carters2
LQ Newbie
 
Registered: Sep 2009
Posts: 20

Original Poster
Rep: Reputation: 1
Alright I figured out the problem. I am not sure why but the variable %{HTTP_HOST} was not resolving to anything so i just typed out the host in the rewrite rule this is what I have now which works perfectly.

<VirtualHost mydomain.com:443>
ServerName mydomain.com
DocumentRoot /opt/dev/apache2/htdocs/

JkMount /* worker1
JkUnMount /*/static/* worker1

#Turn on SSL
SSLEngine on

#SSL Cipher Suite
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

#Server Certificate
SSLCertificateFile "/opt/dev/apache2/openssl/mydomain.com.crt

#Server Private Key
SSLCertificateKeyFile "/opt/dev/apache2/openssl/mydomain.key.nopass

#Server Certificate Chain
SSLCACertificateFile "/opt/dev/apache2/openssl/gd_bundle.crt

<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/opt/dev/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>

BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog "/opt/dev/apache2/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

RewriteEngine On
RewriteLog /opt/dev/apache2/logs/mod_rewrite
RewriteLogLevel 5
RewriteCond %{REQUEST_URI} ^/(.*)/static [NC]
RewriteRule (.*) http://mydomain.com%{REQUEST_URI}
</VirtualHost>
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
conf :Mod rewrite,Mod Jkand virtualhosts ayyappansan Linux - Server 1 10-25-2009 04:10 AM
LXer: The Useful Uses Of Mod Rewrite LXer Syndicated Linux News 0 11-28-2008 01:41 PM
mod rewrite question jamsda Linux - Server 1 10-18-2008 07:31 PM
Apache2 mod vhost_alias - problems with .htaccess mod rewrite d_t_baker Linux - Server 1 08-16-2007 08:32 PM
Mod Rewrite Help carminejg3 Linux - Software 0 12-20-2004 06:19 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 12:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration