Score:1

htaccess rewrite rule not working with file extensions

de flag

I have two domains set up on the same folder on a server.

i.e.

dl.d123.com      @ /var/www/public_html/dl.domain123.com
dl.domain123.com @ /var/www/public_html/dl.domain123.com

I have an htaccess file in /var/www/public_html/domain123.com with the following lines:

RewriteEngine On
#Rewrite URLs to one SSL domain
RewriteCond %{HTTP_HOST} ^dl\.d123\.com [NC]
RewriteRule ^(.*)$ https://dl.domain123.com/$1 [L,R=301,NC]

This rule is working fine with any URL that does not contain a file extension

dl.d123.com/folder1/folder2 redirects to dl.domain123.com/folder1/folder2

but doesn't work with any URL that contains a file extension

dl.d123.com/folder1/folder2/index.html stays the same.

It's not just the html extension. Same thing with e.g. png files.

The server is set up with nginx as proxy. nginx:80/443 -> apache:8080/8443

EDIT: (Domain name and IPs changed for privacy/security)

Nginx configs:80

server {
    listen 123.123.123.123:80;  
    server_name dl.domain123.org  www.dl.domain123.org;

    access_log /usr/local/apache/domlogs/dl.domain123.org.bytes bytes;
    access_log /usr/local/apache/domlogs/dl.domain123.org.log full;
    error_log /usr/local/apache/domlogs/dl.domain123.org.error.log error;

    location / {
        location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh|webp)$ {
            root /home/s4h/dl.domain123.org;                    
            expires max;
            try_files $uri $uri/ @backend;
        }
        
        error_page 405 = @backend;
        error_page 500 = @custom;
        add_header X-Cache "HIT from Backend";
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
        proxy_pass http://123.123.123.123:8181;
        include proxy.inc;
    }

    location @backend {
        internal;
        proxy_pass http://123.123.123.123:8181;
        include proxy.inc;
    }

    location @custom {
        internal;
        proxy_pass http://123.123.123.123:8181;
        include proxy.inc;
    }

    location ~ .*\.(php|jsp|cgi|pl|py)?$ {
        proxy_pass http://123.123.123.123:8181;
        include proxy.inc;
    }

    location ~ /\.ht    {deny all;}
    location ~ /\.svn/  {deny all;}
    location ~ /\.git/  {deny all;}
    location ~ /\.hg/   {deny all;}
    location ~ /\.bzr/  {deny all;}
    location ~\.(ini|log|conf)$ {deny all;error_page 403 =404 / ;}

    disable_symlinks if_not_owner from=/home/s4h/dl.domain123.org;

    location /.well-known/acme-challenge {
        default_type "text/plain";
        alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
    }

    location /.well-known/pki-validation {
        default_type "text/plain";
        alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
    }
}

Nginx configs:443

server {
    listen 123.123.123.123:443 ssl ;
    server_name dl.domain123.org  www.dl.domain123.org;
    
    access_log /usr/local/apache/domlogs/dl.domain123.org.bytes bytes;
    access_log /usr/local/apache/domlogs/dl.domain123.org.log full;
    error_log /usr/local/apache/domlogs/dl.domain123.org.error.log error;

    ssl_certificate      /etc/pki/tls/certs/dl.domain123.org.bundle;
    ssl_certificate_key  /etc/pki/tls/private/dl.domain123.org.key;
    ssl_protocols TLSv1.2;
    ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA!RC4:EECDH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;
    ssl_prefer_server_ciphers   on;

    ssl_session_cache   shared:SSL:10m;
    ssl_session_timeout 60m;

    location / {
        location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh|webp)$ {
            root /home/s4h/dl.domain123.org;
            expires max;
            try_files $uri $uri/ @backend;
        }
        
        error_page 405 = @backend;
        error_page 500 = @custom;
        add_header X-Cache "HIT from Backend";
        add_header Strict-Transport-Security "max-age=31536000";
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
        proxy_pass http://123.123.123.123:8181;
        include proxy.inc;
    }

    location @backend {
        internal;
        proxy_pass http://123.123.123.123:8181;
        include proxy.inc;
    }

    location @custom {
        internal;
        proxy_pass http://123.123.123.123:8181;
        include proxy.inc;
    }

    location ~ .*\.(php|jsp|cgi|pl|py)?$ {
        proxy_pass http://123.123.123.123:8181;
        include proxy.inc;
    }

    location ~ /\.ht    {deny all;}
    location ~ /\.svn/  {deny all;}
    location ~ /\.git/  {deny all;}
    location ~ /\.hg/   {deny all;}
    location ~ /\.bzr/  {deny all;}
    location ~\.(ini|log|conf)$ {deny all;error_page 403 =404 / ;}

    disable_symlinks if_not_owner from=/home/s4h/dl.domain123.org;

    location /.well-known/acme-challenge {
        default_type "text/plain";
        alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
    }

    location /.well-known/pki-validation {
        default_type "text/plain";
        alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
    }
}

dl.d123.com Nginx, only port 80, no SSL installed.

server {
    listen 123.123.123.123:80;  
    server_name dl.d123.com  www.dl.d123.com;

    access_log /usr/local/apache/domlogs/dl.d123.com.bytes bytes;
    access_log /usr/local/apache/domlogs/dl.d123.com.log full;
    error_log /usr/local/apache/domlogs/dl.d123.com.error.log error;

    location / {
        location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh|webp)$ {
            root /home/s4h/dl.domain123.com;                    
            expires max;
            try_files $uri $uri/ @backend;
        }
        
        error_page 405 = @backend;
        error_page 500 = @custom;
        add_header X-Cache "HIT from Backend";
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
        proxy_pass http://123.123.123.123:8181;
        include proxy.inc;
    }

    location @backend {
        internal;
        proxy_pass http://123.123.123.123:8181;
        include proxy.inc;
    }

    location @custom {
        internal;
        proxy_pass http://123.123.123.123:8181;
        include proxy.inc;
    }

    location ~ .*\.(php|jsp|cgi|pl|py)?$ {
        proxy_pass http://123.123.123.123:8181;
        include proxy.inc;
    }

    location ~ /\.ht    {deny all;}
    location ~ /\.svn/  {deny all;}
    location ~ /\.git/  {deny all;}
    location ~ /\.hg/   {deny all;}
    location ~ /\.bzr/  {deny all;}
    location ~\.(ini|log|conf)$ {deny all;error_page 403 =404 / ;}

    disable_symlinks if_not_owner from=/home/s4h/dl.domain123.com;

    location /.well-known/acme-challenge {
        default_type "text/plain";
        alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
    }

    location /.well-known/pki-validation {
        default_type "text/plain";
        alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
    }
}
us flag
Please add your nginx configuration from `nginx -T` command to the question.
iraqiboy90 avatar
de flag
@TeroKilkanen Just added the nginx vhosts files
us flag
The block for `dl.d123.com` is missing. Please include its configuration too.
iraqiboy90 avatar
de flag
@TeroKilkanen Hello again, just added it now
Score:2
us flag

The reason is the following block in nginx configuration:

location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh|webp)$ {
    root /home/s4h/dl.domain123.org;
    expires max;
    try_files $uri $uri/ @backend;
}

This tells nginx to serve files directly with the mentioned extensions. Note, the list has .html and .png extensions.

You should do the redirect inside nginx:

server {
    listen 123.123.123.123:80;  
    server_name dl.d123.com  www.dl.d123.com;

    access_log /usr/local/apache/domlogs/dl.d123.com.bytes bytes;
    access_log /usr/local/apache/domlogs/dl.d123.com.log full;
    error_log /usr/local/apache/domlogs/dl.d123.com.error.log error;

    location / {
        return 301 https://www.dl.domain123.org$request_uri;
    }
}
iraqiboy90 avatar
de flag
Does this stop nginx's ability to serve cached content? Or will the nginx vhost conf file for dl.domain123.com take over and serve the cache instead? The other problem is that the vhost files get overwritten by the hosting panel, so can I input this rule into a separate file so it wouldn't get overwritten? Would that work, or would nginx have two vhost files that would conflict with each other?
us flag
All URLs for this virtual host will be 301 redirected to `www.dl.domain123.org`, and that virtual host's configuration will apply to requests for that virtual host. Therefore this has no effect on `www.dl.domain123.org` image serving. You need to ask the hosting panel provider how to arrange this. Hosting panels make their systems work in non-standard ways, and we cannot know how they work.
iraqiboy90 avatar
de flag
Thanks for the help. I will look into how I can apply this config without the panel overwriting it at a later stage.
iraqiboy90 avatar
de flag
I figured out a way to apply it. The hosting panel has an option to change the webserver setup for selected domains. I have one user with 15 domains all rewriting to domain123.org. So, instead of all domains, including other users' domains, having the same "nginx -> apache" config with the same vhost template, I just switched these 15 domains to "nginx only" (that has its own vhost template directory) and could apply a custom vhost template that applies the "return 301" line on all of them and keeps the server_name domain with %domain% variables. I don't need the htaccess rule anymore.
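
Why the redirect only fired for extensionless URLs, as an added example that is not part of the original thread: a simplified Python model of the question's setup, in which nginx answers requests for the listed extensions itself when the file exists and proxies everything else to Apache, where the .htaccess rule runs. The docroot contents and sample URLs are constructed, and only the static-extension location and its `try_files` fallback are modelled.

```python
import re
from urllib.parse import urlsplit

# Extension list copied from the nested `location ~` block in the question.
STATIC_EXT = (
    "3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|"
    "swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|"
    "xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh|webp"
)
# `location ~` is a case-sensitive regex matched against the URI path only.
STATIC_LOCATION = re.compile(r".*\.(" + STATIC_EXT + r")$")
# RewriteCond %{HTTP_HOST} ^dl\.d123\.com [NC] from the question's .htaccess.
HTACCESS_HOST = re.compile(r"^dl\.d123\.com", re.IGNORECASE)

# Constructed docroot listing (directories carry a trailing slash).
DOCROOT = {"/folder1/folder2/", "/folder1/folder2/index.html", "/img/logo.png"}
# Constructed sample requests.
SAMPLE = [
    "http://dl.d123.com/folder1/folder2",
    "http://dl.d123.com/folder1/folder2/index.html",
    "http://dl.d123.com/img/logo.png",
    "http://dl.d123.com/missing.html",
    "http://dl.d123.com/report.PDF?x=1",
]

def handler(url, docroot_files):
    """Return 'nginx-static' if nginx answers itself, else 'apache'."""
    path = urlsplit(url).path or "/"
    if STATIC_LOCATION.match(path):
        # try_files $uri $uri/ @backend: proxy only if neither exists.
        if path in docroot_files or path.rstrip("/") + "/" in docroot_files:
            return "nginx-static"
    return "apache"

def htaccess_redirect(url, docroot_files):
    """Location the .htaccess rule would send, or None if no redirect is issued."""
    parts = urlsplit(url)
    if handler(url, docroot_files) != "apache":
        return None  # Apache never sees the request, so mod_rewrite cannot act
    if not HTACCESS_HOST.search(parts.hostname or ""):
        return None
    target = "https://dl.domain123.com" + parts.path
    return target + ("?" + parts.query if parts.query else "")

def served_without_redirect(urls, docroot_files):
    """Requests that stay on the original host and scheme."""
    return [u for u in urls if htaccess_redirect(u, docroot_files) is None]

if __name__ == "__main__":
    for u in SAMPLE:
        print(handler(u, DOCROOT), u, "->", htaccess_redirect(u, DOCROOT))
```

The same gap applies to any rule kept only in .htaccess behind such a proxy: existing static files are answered over plain HTTP without it, which is why the `return 301` belongs in the nginx server block.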