[CentOS] apache redirection

Wed May 19 21:45:53 UTC 2010
Robert Heller <heller at deepsoft.com>

At Wed, 19 May 2010 15:21:06 -0600 CentOS mailing list <centos at centos.org> wrote:

> 
> On Wed, May 19, 2010 at 2:33 PM, Robert Heller <heller at deepsoft.com> wrote:
> > At Wed, 19 May 2010 14:08:59 -0600 CentOS mailing list <centos at centos.org> wrote:
> >> <VirtualHost xxx.xxx.xxx.xxx:80>
> >>     ServerName domainname.com
> >>     Redirect permanent / http://www.domainname.com/
> >> </VirtualHost>
> >
> > You don't really need this -- you can just add the line below to your existing
> > <VirtualHost> spec for www.domainname.com
> >
> > ServerAlias domainname.com
> 
> This doesn't work. This is what we had before. When you just add the
> ServerAlias domainname.com to the VirtualHost configuration, when the
> user goes to http://domainname.com, it stays on http://domainname.com,
> and does not redirect to http://www.domainname.com. We need to have it
> go to http://www.domainname.com so that when they click a link on out
> site that then takes them to https://www.domainname.com so that it
> matches the SSL certificate.

The https: URL should be an absolute, fully qualified URL and
*explicitly* have the www.domainname.com hostname.  It should NOT be a
relative URL or any other games, including PHP/Perl/etc/ code that
(blindly) uses the SERVER_NAME environment variable -- that is the code
should either have the proper URL hard-wired OR should programatically
check SERVER_NAME for the presense of the 'www.' in the front (eg if
NOT regexp '^www.' SERVER_NAME then prepend 'www.' onto SERVER_NAME).  It
should not matter what name is being used to access the non-SSL side of
the side.

> 
> >> I tried using the same thing as above, but changing the port number to
> >> 443, and the http to https on the redirect line, but that actually
> >> breaks the site, and only displays an error:
> >> Secure Connection Failed
> >> (Error code: ssl_error_rx_record_too_long)
> >
> > Probably because the VirtualHost for domainname.com:443 does not include
> > the SSL cert info.  You can try including a ServerAlias line to your
> > VirtualHost:443 container for www.domainname.com.
> 
> That is already done, and still is giving us the SSL error, when
> trying to do a redirect.
> 
> > The only other thought would be look at your DNS record(s) for
> > domainname.com and make sure those records are 'sane' (in terms of which
> > name has the IP address and which is a CNAME record).
> 
> I believe this is correct, but I will double check that. Thanks for
> the suggestion.

-- 
Robert Heller             -- Get the Deepwoods Software FireFox Toolbar!
Deepwoods Software        -- Linux Installation and Administration
http://www.deepsoft.com/  -- Web Hosting, with CGI and Database
heller at deepsoft.com       -- Contract Programming: C/C++, Tcl/Tk