SCIENTIFIC-LINUX-USERS Archives

November 2008

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Apache redirect help
From:
Michael Mansour <[log in to unmask]>
Reply To:
Michael Mansour <[log in to unmask]>
Date:
Mon, 10 Nov 2008 19:24:22 +1100
Content-Type:
text/plain
Parts/Attachments:
text/plain (80 lines) 
Hi,

> > I realise this may not be the best mailing list for this query, but if someone
> > knows...
> >
> > The problem I have is, I have an Apache website running on:
> >
> > http(s)://site.example.local
> >
> > For my local subnet (which exists in .local), I have Apache setup to do:
> >
> > Redirect / https://site.example.local
> >
> > for http (port 80) connections, so when anyone types http://site.example.local
> > on the .local subnet they're redirected to the SSL website.
> >
> > When accessing this site externally on port 80, I go to:
> >
> > http://site1.example.com
> >
> > and (via DNS and PAT rules on the firewall) get:
> >
> > https://site.example.local
> >
> > as the URL in the external Web browser, which obviously doesn't work. This
> > makes sense though because of my "Redirect / https://site.example.local entry"
> > in Apache.
> >
> > How can I configure Apache to keep:
> >
> > Redirect / https://site.example.local
> >
> > for the .local subnet, while:
> >
> > Redirect / https://site.example.com
> >
> > for external subnets?
> 
> First, can you confirm that https://site.example.local works locally
> and https://site.example.com works externally (I suspect that you 
> will need two certificates) ?

Yes this works fine. The site.example.local is actually a PHP Help desk app,
so we use this internally every day (on https://site.example.local) and our
customers check the progress of their cases externally via
https://site.example.com

The problem is when customers forget to enter the https and enter http, we'd
just like it automated for them when they make a mistake in the URL.

> If the content is the same, can you redirect everyone to 
> https://site.example.com ?

Yes the content is all the same but since PHP app is running on a server on
our local network (in our office) and listening on a Virtual IP on the
internal network, then we cannot visit http(s)://site.example.com from our
local network.

The way the external people get to it is by giving the site.example.com an A
record which points to a dedicated WAN IP and a PAT rule on the firewall to
forward port 80 and 443 traffic to the internal Virtual IP.

In summary, you cannot go to your external WAN IP from your internal local
network.

So I need a way to tell Apache that if the visitor is coming from the WAN
(internet) then Redirect to https://site.example.com, if they're coming from
our local network then Redirect to https://site.example.local

I've search the web and so far haven't been able to find a way to do this.

Regards,

Michael.

> -- 
> Dr. Andrew C. Aitchison		Computer Officer, DPMMS, Cambridge
> [log in to unmask]	http://www.dpmms.cam.ac.uk/~werdna
------- End of Original Message -------

ATOM RSS1 RSS2