]> Raphaël G. Git Repositories - acme/commitdiff
Fix script rewrite to end rewrite process 1.2.0
authorRaphaël Gertz <git@rapsys.eu>
Sat, 30 Nov 2019 22:20:23 +0000 (23:20 +0100)
committerRaphaël Gertz <git@rapsys.eu>
Sat, 30 Nov 2019 22:20:23 +0000 (23:20 +0100)
Don't redirect errors and icons
Add redirect in global rewrite, unencrypted vhosts only have to inherit rules

www/acme.apache.conf

index 8ff22410dba0478d19ba7aeeaf372cd1daf0cdc1..d3d1afde51a5c32b2d5960388791f4643914e3a7 100644 (file)
        # Start rewrite engine
        RewriteEngine on
 
-       # Only if https is disabled
+       # Rewrite acme uri on php script
        RewriteCond %{HTTPS} off
+       RewriteRule /\.well\-known/acme\-challenge/([-_a-zA-Z0-9]+) /usr/share/acme/acme-challenge.php?key=$1 [END]
 
-       # Rewrite acme uri on php script
-       RewriteRule /\.well\-known/acme\-challenge/([-_a-zA-Z0-9]+) /usr/share/acme/acme-challenge.php?key=$1 [L]
+       # Rewrite errors as final
+       RewriteRule ^/error/(HTTP_BAD_GATEWAY|HTTP_BAD_REQUEST|HTTP_FORBIDDEN|HTTP_GONE|HTTP_INTERNAL_SERVER_ERROR|HTTP_LENGTH_REQUIRED|HTTP_METHOD_NOT_ALLOWED|HTTP_NOT_FOUND|HTTP_NOT_IMPLEMENTED|HTTP_PRECONDITION_FAILED|HTTP_REQUEST_ENTITY_TOO_LARGE|HTTP_REQUEST_TIME_OUT|HTTP_REQUEST_URI_TOO_LARGE|HTTP_SERVICE_UNAVAILABLE|HTTP_UNAUTHORIZED|HTTP_UNSUPPORTED_MEDIA_TYPE|HTTP_VARIANT_ALSO_VARIES).html.var "-" [PT,END]
+
+       # Rewrite icons as final
+       RewriteRule ^/icons/(([acfp]|back|binary|binhex|blank|bomb|box1|box2|broken|burst|compressed|continued|dir|diskimg|down|dvi|forward|icon.sheet|image1|image2|image3|index|layout|left|link|movie|patch|pdf|pie0|pie1|pie2|pie3|pie4|pie5|pie6|pie7|pie8|portal|ps|quill|right|screw1|screw2|script|sound1|sound2|sphere1|sphere2|tar|tex|text|transfer|unknown|up|uuencoded|uu|world1|world2|folder(|.open|.sec)|generic(|.red|.sec)|alert.(black|red)|hand.(right|up)|ball.(gray|red)|comp.(blue|gray)|small/(back|binary|binhex|blank|broken|burst|comp1|comp2|compressed|continued|doc|folder2|folder|forward|generic2|generic3|generic|image2|image|index|key|movie|patch|ps|rainbow|sound2|sound|tar|text|transfer|unknown|uu)).(gif|png)|apache_pb(|2).(gif|png|svg)|(svg|xml|odf6o(d[bcfgimpst]|t[cfghipst])).png) "-" [PT,END]
+
+       #Redirect to https
+       RewriteCond %{HTTPS} off
+       RewriteRule (/.*) https://%{SERVER_NAME}$1 [L,R=301]
 </IfModule>