Can't seem to get a http to https redirect

mathuaerknedam

December 13, 2017 16:09

I specifically need an http to https redirect that works in curl, so I've been testing with "curl -IL Redirect 302 /foo https://support.example.com
With that, I get the following output from curl:

T[mneedham@jelly:~/] curl -IL http://support.example.com/foo
HTTP/1.1 302 Found
Date: Wed, 13 Dec 2017 21:58:47 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Location: https://support.example.com
Content-Type: text/html; charset=iso-8859-1

HTTP/1.1 200 OK
Date: Wed, 13 Dec 2017 21:58:48 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
X-Powered-By: PHP/5.5.30
Vary: User-Agent
Content-Type: text/html

This is what I need - a 302 with a location header, followed by a 200. For the real redirect, I have:


    RewriteEngine On
    RewriteCond %{HTTPS} off
#    RewriteCond %{HTTPS} !=on
#    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=302]
#    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [L,R=302]
    RewriteRule (.*) https://support.example.com%{REQUEST_URI} [R=302,L]

The comments show some of the alternative syntax I've tried. But no dice:

T[mneedham@jelly:~/] curl -IL http://support.example.com/
HTTP/1.1 200 OK
Date: Wed, 13 Dec 2017 22:01:48 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sat, 14 Nov 2015 04:20:43 GMT
ETag: "1c121-6f-524787fd69cc0"
Accept-Ranges:  none
Content-Length: 111
Content-Type: text/html

I have this working on another server (one without CPanel):

T[mneedham@jelly:~/] curl -IL http://gamma.example.com/
HTTP/1.1 302 Found
Cache-Control: no-cache
Content-length: 0
Location: https://gamma.example.com/
Connection: close

HTTP/1.1 200 OK
Date: Wed, 13 Dec 2017 22:02:33 GMT
Server: Apache/2.2.3 (CentOS)
Strict-Transport-Security: max-age=0; includeSubdomains; preload
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Jun 2016 16:16:30 GMT
ETag: "3648051-247-36095380"
Accept-Ranges: bytes
Content-Length: 583
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Frame-Option: SAMEORIGIN

Any ideas?

Comments

6 comments

cPanelMichael

December 13, 2017 21:39
Hello, Here are a few StackOverflow threads you may find helpful: Is there a way to follow redirects with command line cURL How can I find where I will be redirected using cURL? cURL refuses to display 302 redirect URL Thank you.
0
mathuaerknedam

December 14, 2017 14:08
Those posts seem to all be about how to tweak curl to get it to follow redirects. I have no controls over curl (in fact, I explicitly can't ask my users to change any of their existing scripts), so I'm trying to get this working with my cPanel server like it works on my other server. For example, on my cPanel server, this will save 404.html, but with the file name that's being requested, because the redirect isn't being followed.
curl -L -O http://support.example.com/ftp/HDF/releases/HDF4.2.10/src/hdf-4.2.10.tar.gz
On my server without cPanel, curl follows the redirect and the correct file is downloaded.
curl -L -O http://gamma.example.com/ftp/pub/outgoing/szip-MacOSX/SZIP-U.tar.gz
So I need to know how to get my cPanel server to behave this way, without any changes to how curl is run on the client side.
0
mathuaerknedam

December 14, 2017 19:53
I've confirmed that the redirect in .htaccess work, but they appear to only be working for example.com, and not for subdomains. If htaccess doens't contain a specific http-https redirect, the later redirect from example.com to www.example.com works in two steps.
T[mneedham@jelly:~/] curl -IL http://example.com/ HTTP/1.1 302 Found Date: Thu, 14 Dec 2017 20:11:42 GMT Server: Apache Location: https://www.example.com/ Content-Type: text/html; charset=iso-8859-1 HTTP/1.1 200 OK Date: Thu, 14 Dec 2017 20:11:43 GMT Connection: keep-alive Cache-Control: public, max-age=600 Content-Type: text/html; charset=UTF-8 Link: ; rel=shortlink Server: nginx Set-Cookie: SESSd032b234df65d8974df0a9209036ab3e=ce1a18ef38461b932d77702ef5666752; expires=Thu, 14-Dec-2017 20:11:42 GMT; Max-Age=0 Set-Cookie: SSESSd032b234df65d8974df0a9209036ab3e=6aed4ca399317157ec84299b4f70d73f; path=/; domain=.example.com; secure; HttpOnly Surrogate-Key-Raw: front post-3457 post-user-3 single X-Pantheon-Styx-Hostname: styx-fe1-a-2529815732-m966b X-Styx-Req-Id: styx-4ce7861ff9790e49a0ae2be8633dc655 X-Tec-Api-Origin: https://www.example.com X-Tec-Api-Root: https://www.example.com/wp-json/tribe/events/v1/ X-Tec-Api-Version: v1 Via: 1.1 varnish Fastly-Debug-Digest: d2eba00737b281447999a6e11aa618822662cd5965810cd10e8966ec5136e560 Accept-Ranges: bytes Via: 1.1 varnish Age: 0 X-Served-By: cache-mdw17327-MDW, cache-ord1733-ORD X-Cache: MISS, MISS X-Cache-Hits: 0, 0 X-Timer: S1513282302.297314,VS0,VE750 Vary: Accept-Encoding, Cookie, Cookie
If I add the http-https redirect at the top, I see the https redirect, followed by the www.example.com redirect. This at least tells me that the redirect syntax is correct and *IS* working (inconsistently).
T[mneedham@jelly:~/] curl -IL http://example.com/ HTTP/1.1 302 Found Date: Thu, 14 Dec 2017 20:11:52 GMT Server: Apache Location: https://example.com/ Content-Type: text/html; charset=iso-8859-1 HTTP/1.1 302 Found Date: Thu, 14 Dec 2017 20:11:52 GMT Server: Apache Location: https://www.example.com/ Content-Type: text/html; charset=iso-8859-1 HTTP/1.1 200 OK Date: Thu, 14 Dec 2017 20:11:53 GMT Connection: keep-alive Cache-Control: public, max-age=600 Content-Type: text/html; charset=UTF-8 Link: ; rel=shortlink Server: nginx Set-Cookie: SESSd032b234df65d8974df0a9209036ab3e=c2ad7658d08f2322661b17f0852b7849; expires=Thu, 14-Dec-2017 20:11:52 GMT; Max-Age=0 Set-Cookie: SSESSd032b234df65d8974df0a9209036ab3e=35a0ec0edf39b9f856cada1a46dad8a1; path=/; domain=.example.com; secure; HttpOnly Surrogate-Key-Raw: front post-3457 post-user-3 single X-Pantheon-Styx-Hostname: styx-fe1-b-907954384-fphbx X-Styx-Req-Id: styx-f81f66c0ca0cca5c06f88e4f79bffb71 X-Tec-Api-Origin: https://www.example.com X-Tec-Api-Root: https://www.example.com/wp-json/tribe/events/v1/ X-Tec-Api-Version: v1 Via: 1.1 varnish Fastly-Debug-Digest: d2eba00737b281447999a6e11aa618822662cd5965810cd10e8966ec5136e560 Accept-Ranges: bytes Via: 1.1 varnish Age: 0 X-Served-By: cache-mdw17343-MDW, cache-ord1730-ORD X-Cache: MISS, MISS X-Cache-Hits: 0, 0 X-Timer: S1513282313.530212,VS0,VE780 Vary: Accept-Encoding, Cookie, Cookie
But if I try this with support.example.com, or any other subdomain, there's no redirect!? There may be an additional, or deeper problem. It's not just the http to https redirect that isn't working properly. Even without the http-https redirect in place, correctly returns 302 followed by 200.
T[mneedham@jelly:~/] curl -IL http://bigtime.example.com/ HTTP/1.1 200 OK Date: Thu, 14 Dec 2017 20:25:59 GMT Server: Apache Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block Referrer-Policy: strict-origin-when-cross-origin Last-Modified: Sat, 14 Nov 2015 04:20:43 GMT ETag: "1c121-6f-524787fd69cc0" Accept-Ranges: none Content-Length: 111 Content-Type: text/html T[mneedham@jelly:~/] curl -IL https://bigtime.example.com/ HTTP/1.1 302 Found Date: Thu, 14 Dec 2017 20:26:14 GMT Server: Apache Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block Referrer-Policy: strict-origin-when-cross-origin Location: https://w19.bthost.com/hdf/ Content-Type: text/html; charset=iso-8859-1 HTTP/1.1 200 OK Cache-Control: private Content-Length: 3879 Content-Type: text/html Expires: Thu, 14 Dec 2017 20:26:31 GMT Server: Microsoft-IIS/7.5 Set-Cookie: ASPSESSIONIDSSGQDCBR=JPMDMOGBINDFKGHMLEHBMBLI; secure; path=/ X-Powered-By: ASP.NET X-Robots-Tag: noindex, nofollow Date: Thu, 14 Dec 2017 20:26:30 GMT
Here are the relevant redirects.
RewriteCond %{HTTP_HOST} ^bigtime\.example\.com$ RewriteRule ^(.*)$ "https\:\/\/w19\.domain\.com\/hdf\/$1" [R=302,L] RewriteCond %{HTTP_HOST} ^example\.com RewriteRule ^(.*)$ "https\:\/\/www\.example\.com\/$1" [R=302,L] RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L]
0
cPanelMichael

December 15, 2017 19:36
Hello, Could you open a support ticket using the link in my signature so we can take a closer look? Thank you.
0
mathuaerknedam

December 15, 2017 20:23
Thanks, I've created support request 9113359.
0
mathuaerknedam

December 18, 2017 14:35
This has been resolved by cPanel support. For anyone else who reads this, the problem was that I had DNS directing subdomains to the server, but hadn't added the subdomains within cPanel. So I removed my subdomains' DNS records, added the subdomain to cPanel (with a doc root of public_html/), and everything started working.
0

Please sign in to leave a comment.

Comments

Didn't find what you were looking for?