Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.9k views
in Technique[技术] by (71.8m points)

security - Redirect Subdomain Using htaccess and Keep URL

I have searched and while I found lots of threads close, none were exactly what I am looking for...

On my site, say example.com, I've created the subdomain secure.example.com

This subdomain will have SSL.

What I want to do is redirect requests to https://secure.example.com/path/ to www.example.com/path/ while keeping the url showing as https://secure.example.com/path/

note that the purpose of subdomain.example.com is for SSL so the redirect above will need to work with SSL

I would like to use a few other redirects in the htaccess: 1) redirect non-www to www ignoring subdomains (so secure.example.com doesn't become www.secure.example.com) 2) redirect /index.php to / 3) and last but not least, force SSL on secure.example.com

In addition the shopping cart software has additional htaccess statements for functionality and SEO as seen below.

My current root htaccess:

# Prevent Directoy listing 
Options -Indexes

# Prevent Direct Access to files
<FilesMatch ".(tpl|ini|log)">
 Order deny,allow
 Deny from all
</FilesMatch>

# Turn Rewrite Engine On
RewriteEngine On

## index.php to root
Options +FollowSymlinks
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9} /index.php HTTP/
RewriteRule ^index.php$ http://www.example.com/ [R=301,L] 

## non-www to www ignore subdomains
RewriteCond %{HTTP_HOST} ^example.com [NC] 
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]

RewriteRule ^sitemap.xml$ index.php?route=feed/google_sitemap [L]
RewriteRule ^googlebase.xml$ index.php?route=feed/google_base [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*.(ico|gif|jpg|jpeg|png|js|css)
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Well, specifically for the url https://secure.example.com/path/ to display content found at http://www.example.com/path/, there's 2 things that you can do. The best thing is if the 2 domains are served from the same document root:

they are on the same host and same document root. The subdomain is literally a subfolder under the root setup with a subdomain. With help from my host we now have it resolving properly and the SSL installed.

The subdirectory might be a problem, since it may not be able to rewrite out of its own document root. For example:

  • domain -> document root
  • www.example.com -> /path/to/htdocs
  • secure.example.com -> /path/to/htdocs/secure

If you had an .htaccess file in /path/to/htdocs/secure to rewrite requests for https://secure.example.com/. The problem here is you need to rewrite to the parent directory, and apache won't let you do that. If it was the other way around, you could rewrite requests for http://www.example.com/ to /secure. Also, if the two domains had the same document root, you could also rewrite. But not if secure is a subdirectory to www's document root.

My host says that mod_proxy is installed. My Apache config shows these are installed: proxy_module (static) proxy_connect_module (static) proxy_ftp_module (static) proxy_http_module (static) proxy_ajp_module (static) proxy_balancer_module (static)

That means you can at least use the P rewrite flag to send the request off to mod_proxy, so you can do something like this:

RewriteEngine On
RewriteRule ^path/$ http://www.example.com/path/ [L,P]

in the htaccess file in your secure.example.com's document root. That will only proxy specifically the URI /path/, and not anything like /path/foo/bar.html. If you want everything starting with /path/, then you can match against it:

RewriteRule ^path/(.*)$ http://www.example.com/path/$1 [L,P]

If there are redirection issues, you may want to resort to using ProxyPass instead:

ProxyPass / http://www.example.com/
ProxyPassReverse / http://www.example.com/

It does the same thing except it rewrites location headers so redirects also get proxied.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

1.4m articles

1.4m replys

5 comments

57.0k users

...