.htaccess redirecting non SSL Domain to another SSL Domain

See also questions close to this topic

• solr join two cores and apply OR condition on each core field

  I have two cores in the same Solr server

  Core 1 has below structure:

  "id":"1234.1",
   "created_s":"2018-08-15",
  "pd_data_s":"F10001VIS",
  "snum_s":"0001",
  },
  {
  "id":"1234.2",
   "created_s":"2017-08-15",
  "pd_data_s":"F2001",
  "snum_s":"002",
  },
  

  Core 2 has below structure

  {
  "id":"5234.2",
   "modified_s":"2017-08-15",
  "pd_number_s":"F2001",
  "product_type":"t-shirt",
  },
  
  
  {
  "id":"6234.2",
   "modified_s":"2018-08-15",
  "pd_number_s":"F10001VIS",
  "product_type":"t-shirt",
  },
  

  I want to join the two cores to match the pd_number_s(core 2) to pd_number_s (core 1) and apply "OR condition" the date fields on two cores.

  I used below query to filter the data. But in this case the date fields are running independently for filtering the data.

  http://localhost:8983/solr/core2/select?q=*:*&fq={!join from=pd_number_s to=pd_data_s fromIndex=core1}(snum_s:001 AND created_s:[2018-01-01 TO *])&fq=modified_s:[2019-02-07T17:00:00 TO *]

  What would be Solr equivalent to the below SQL query select * from companies core1 inner join company_types core2 on core1.company_type_id = core2.id and (core1.created_at>=2012-08-1 OR core2.created_at>=2012-08-1)
• Apache mod_rewrite change domain extension

  I want to have a 4 conditional mod_rewrite.

  http to https
  http://example.com to https://example.com
  
  www. to non-www.
  https://www.example.com to https://example.com
  https://www.subdomain.example.com to https://subdomain.example.com
  
  non-plural ending to plural ending domain
  https://www.example.com to https://examples.com
  
  .com (or that is not .co) domain extension to .co
  https://www.example.com to https://examples.co
  

  I so far have this code:

  ServerName examples.co
  ServerAlias *.examples.co examples.com *.examples.com example.co *.example.co example.com *.example.com
  RewriteEngine On
  RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
  RewriteRule ^ https://%1%{REQUEST_URI} [L,R=301]
  RewriteCond %{HTTP_HOST} !examples\.co$
  RewriteCond %{HTTP_HOST} ^([^.]+\.)?examples\.
  RewriteRule ^ https://%1examples.co%{REQUEST_URI} 
  

  I am having trouble finding an example to create change example to examples and .com (or other non-.co) to .co.

  I want the rule to be anything that is not examples.co, turn into examples.co, maintain all subdomains, but trim off www..

  All the domains are pointing to the same server. But www.subdomain.examples.co won't trim www. And it wont change domain from .com to .co or change to plural version.
• Problem when deploying django rest in xampp

  I have a rare problem on the part of the client, I am using angular 5 as part of the client. I already made all the changes in Apache to run Django, it works well on my PC and on my cell phone when I connect to the server. when the request is made to the server it only works on my pc where the server is and on my cell phone.

  this is proof of this here the application is done well. but when I try to access the server of another pc the request is made to the old address, which is Django's

  this is the apache configuration.

  <IfModule wsgi_module>
  
   WSGIPythonPath C:\xampp\htdocs\tutorial
   <VirtualHost *:8081>
  
   Alias /static "C:\xampp\htdocs\tutorial\static"
   <Location "/media">
     SetHandler None
   </Location>
  
  <LocationMatch "\.(jpg|gif|png|js|css)$">
    SetHandler None
  </LocationMatch>
  
  <Directory C:\xampp\htdocs\tutorial\static>
      Require all granted
  </Directory>
  
  <Directory C:\xampp\htdocs\tutorial >
     <Files wsgi.py>
         Require all granted
     </Files>
  </Directory> 
  
  
    WSGIScriptAlias / C:\xampp\htdocs\tutorial\tutorial\wsgi.py
  
   </VirtualHost>
  
  
   </IfModule>
  

  and before making the deployment of the client I made the change of the url of the service.

   URLCategorias : string = 'http://10.0.0.16:8081/api/categorias/';
  

  is the only place that used the service

  and this es mi configuration hosts.

  DEBUG = False
  
  ALLOWED_HOSTS = ['10.0.0.16', 'localhost']
  

  I don't know what the problem is, why when making the call to the server, it points to another place.
• .htaccess in subdirectory to deny everything in subdirectory except index.php

  Here's what the web hosted directory looks like:

  • public_html

    • subdirectory
      • index.php
      • other stuff
      • .htaccess

  Is there a way to make the .htaccess file deny everything relative to its location (i.e. everything in the subdirectory) except for the index.php file in that directory, without affecting anything located in its parent directory?

  I've tried the following, but it's denying me access to /subdirectory/ as well. If I do /subdirectory/index.php it seems to work.

  Order Deny,Allow
  Deny from all
  Allow from 127.0.0.1
  
  <Files ./index.php>
     Order Allow,Deny
     Allow from all
  </Files>
  

  The most ideal is if the solution is agnostic of the directory structure it's in -- that is in the future I could move everything to the parent directory, and it'd still work.
• Httacess Conflict with htpasswd

  I have this htaccess Code

  RewriteEngine On
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule ^(.*)$ index.php?section=$1 [QSA,L]
  

  That makes SEO friendly URLs

  But then i wanted to secure my adminindex.php with user and pass using this code

  Options -Indexes
  RewriteEngine On
  SetEnvIf Request_URI "adminindex.php" require_auth=true
  <filesmatch "adminindex.php">
      AuthUserFile /home/******/public_html/.htpasswd 
      AuthName     "you must log in to see this file"
      AuthType     Basic
      require      valid-user
  </filesmatch>
  

  It works but after removing the Above SEO Urls code

  RewriteEngine On
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule ^(.*)$ index.php?section=$1 [QSA,L]
  

  and my Httaccess Looks like this

  Options -Indexes
  RewriteEngine On
  SetEnvIf Request_URI "adminindex.php" require_auth=true
  <filesmatch "adminindex.php">
      AuthUserFile /home/pagosav2/public_html/.htpasswd 
      AuthName     "you must log in to see this file"
      AuthType     Basic
      require      valid-user
  </filesmatch>
  
  
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  ErrorDocument 404 https://*********.com/index.php?section=404
  #RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
  RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
  RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
  RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/(?:\ Ballot169)?
  RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
  RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
  #ErrorDocument 404 https://***********.com/404.tpl
  
  <IfModule mod_php5.c>
      php_value suhosin.upload.max_uploads 50
  </IfModule>
  
  RewriteEngine On
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule ^(.*)$ index.php?section=$1 [QSA,L]
  

  So my question is how do i keep both my code and make both features work
• Can't find malicious code creating 'parseopmlo' directory

  I work for a non-profit. Our WordPress site (shared hosting on Bluehost) was hacked earlier this week, and the hacker appears to have created a script that automatically creates a directory in root named 'parseopmlo' which has two files in it, index.php and moban.html. It simultaneously edits the .htaccess file, adding this code:

  RewriteRule ^.*[-/]n(\d+)-.*$ parseopmlo/index\.php?id=$1&%{QUERY_STRING} [L]
  
  RewriteRule ^n(\d+)-.*$ parseopmlo/index\.php?id=$1&%{QUERY_STRING} [L]
  
  RewriteRule ^r(\d+)[-/].*[-/]n(\d+)-.*$ parseopmlo/index\.php?id=$1-$2&%{QUERY_STRING} [L]
  
  RewriteRule ^r(\d+)[-/]n(\d+)[-/].*$ parseopmlo/index\.php?id=$1-$2&%{QUERY_STRING} [L]
  
  RewriteRule ^n(\d+)[-/].*[-/]r(\d+)[-/].*$ parseopmlo/index\.php?id=$2-$1&%{QUERY_STRING} [L]
  
  RewriteRule ^n(\d+)[-/]r(\d+)[-/].*$ parseopmlo/index\.php?id=$2-$1&%{QUERY_STRING} [L]
  
  RewriteRule ^.*[-/]n(\d+)[-/]r(\d+)[-/].*$ parseopmlo/index\.php?id=$2-$1&%{QUERY_STRING} [L]
  
  RewriteRule ^.*[-/]n(\d+)[-/].*[-/]r(\d+)[-/].*$ parseopmlo/index\.php?id=$2-$1&%{QUERY_STRING} [L]
  
  RewriteRule ^.*[-/]r(\d+)[-/].*[-/]n(\d+)[-/].*$ parseopmlo/index\.php?id=$1-$2&%{QUERY_STRING} [L]
  
  RewriteRule ^.*[-/]r(\d+)[-/]n(\d+)[-/].*$ parseopmlo/index\.php?id=$1-$2&%{QUERY_STRING} [L]
  

  I have deleted the directory several times now, and restored a clean .htaccess file several times. Each time, the directory is recreated and .htaccess is hacked again within 5-30 minutes.

  I changed all passwords to automatically generated, very strong passwords. There is no way someone is sitting around logged into our site's FTP, manually making these changes.

  It's a script on our server, but I can't find it. I used SSH with the grep command to recursively search every file on the server for anything containing the text string 'parseopmlo' and the only results were the lines of code in .htaccess. I was hoping it would show up in whatever file contains the script creating the directory. No dice.

  If you Google 'parseopmlo' you'll get a ton of hits featuring other websites that have been hacked in the same way, but no mention of how to fix this.

  Any ideas on how to find and delete the malicious code?
• Dummy HTML API?

  Is there a service which provide a dummy HTML page that I can request via HTTP/HTTPS (Ajax)? It's needed not to be blocked by CORS policy. (Not using CORB)

  Basically I want dummy HTML code without dealing with CORS.

  I know there is similar services for JSON:

  • https://jsonplaceholder.typicode.com/
  • https://swapi.co/ (?)

      $.ajax({
          type: "GET",
          url: "dummysite.com",
          crossDomain: true,
          success: function (data) {
              // do something with server response data
              outputElm.innerHTML += data;
          },
          error: function (err) {
              // handle error logic here
              console.log(err);             
          }
      });
  
• camel proxy configuration camel-https4

  We have to connect out java camel application with an external system over https. In the middle we have a proxy, but this proxy only accepts http connections.

  I have configured http and https proxies in the camel context but it seems that this does not help. The http4s component runs into connection closed exception. So I configured the proxy directly at the https4 endpoint. This configuration works but it seems that the component wants to communicate over https with our proxy and I receive this exception.

  javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
  

  I inspect the debug log and I can see this log entry which indicates that the connection to the proxy is done over https

  [DEBUG]: org.apache.http.impl.conn.PoolingHttpClientConnectionManager - Connection request: [route: {tls}->https://<proxy>:<port>->https://<3rdPartySystem>:443][total kept alive: 0; route allocated: 0 of 20; total allocated: 0 of 200]
  

  here the camel component configuration

  to("https4:<3rdPartySystem>/services/oauth2/token?proxyAuthHost=...&proxyAuthPort=...")
  

  So my question is: How can I configure a proxy in java in a way that https traffic is done over http between the java app and the proxy. From proxy to the 3rd party system communication should be done over https.

  By the way the "old" http-camel component works perfect with the same proxy.
• Problem redirecting site from http to https

  such problem. We have old site with no ssl certificate

  example1.com
  

  pages from him already indexed in google

  we made new site with ssl

  example.com
  

  and made redirects 301 from old site

  if( url == '/some' ) {
      header('HTTP/1.1 301 Moved Permanently');
      header( 'Location: https://example.com/some' );
  }
  

  But when we make search in google "some keyword" we receive old domain link

  example1.com/some_link
  

  and after redirect to

  https://example.com/some_link
  

  we receive an ssl error "Connection unsecure" but browser shows that certificate is valid

  how to fix this?
• URL Requests with SSL Pinning in iOS App are failing for few websites

  I have an iOS app which has SSL pinning feature for few particular requests. As SSL Pinning is not working due to some reason, I have downloaded SSL Certificates for 3 sites using Firefox browser (or openssl command in mac terminal app) and kept in project local folder. Below are the results, when I run from the iOS app.

  URL: https://www.google.com/
  RESULT: WORKING with ssl enabled - I could see some response as HTML data in the console

  ---

  URL: https://www.google.com/
  RESULT: cancelled 2019-02-14 15:30:27.702813+0530 CertPinning[30996:733590] Task <B7EEA492-BE74-4E2A-9F47-2F8C964B8539>.<1> finished with error - code: -999 2019-02-14 15:30:27.704132+0530 CertPinning[30996:733596] Task <B7EEA492-BE74-4E2A-9F47-2F8C964B8539>.<1> HTTP load failed (error code: -999 [1:89])

  ---

  URL: https://api.sendgrid.com/
  RESULT
  Error Domain=NSURLErrorDomain Code=-999 "(null)" UserInfo={NSUnderlyingError=0x600001c7dd10 {Error Domain=NSURLErrorDomain Code=-999 "cancelled" UserInfo={NSErrorFailingURLStringKey=https://api.sendgrid.com/v3/mail/send, NSErrorFailingURLKey=https://api.sendgrid.com/v3/mail/send, _NSURLErrorRelatedURLSessionTaskErrorKey=( "LocalDataTask <F7FF95D3-ADC7-474C-8B38-0ABA09058AA8>.<1>" ), _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <F7FF95D3-ADC7-474C-8B38-0ABA09058AA8>.<1>, NSLocalizedDescription=cancelled}}, StatusCode=0, ResponseText=, ServiceType=Login, URL=https://api.sendgrid.com/v3/mail/send}

  ---

  Code from dowloaded from GITHUB

  import Foundation
  import UIKit
  
  class ViewController: UIViewController, URLSessionDelegate {
  
      override func touchesBegan(_ touches: Set<UITouch>, with event: UIEvent?) {
  
          let config = URLSessionConfiguration.default
          let session = URLSession(configuration: config, delegate: self, delegateQueue: nil)
  
          guard let url = URL(string: "https://www.google.com/") else { return }
  
          let task = session.dataTask(with: url) { (data, response, error) in
  
              if let error = error {
                  print(error.localizedDescription)
                  return
              }
  
              if let data = data, let contents = String(data: data, encoding: String.Encoding.utf8) {
                  print(contents)
              }
  
          }
  
          task.resume()
  
      }
  
      func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
  
          guard
              challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust,
              let serverTrust = challenge.protectionSpace.serverTrust,
              SecTrustEvaluate(serverTrust, nil) == errSecSuccess,
              let serverCert = SecTrustGetCertificateAtIndex(serverTrust, 0) else {
  
                  reject(with: completionHandler)
                  return
          }
  
          let serverCertData = SecCertificateCopyData(serverCert) as Data
  
          guard
              let localCertPath = Bundle.main.path(forResource: "wwwgooglecom", ofType: "crt"),
              let localCertData = NSData(contentsOfFile: localCertPath) as Data?,
  
              localCertData == serverCertData else {
  
                  reject(with: completionHandler)
                  return
          }
  
          accept(with: serverTrust, completionHandler)
  
      }
  
      func reject(with completionHandler: ((URLSession.AuthChallengeDisposition, URLCredential?) -> Void)) {
          completionHandler(.cancelAuthenticationChallenge, nil)
      }
  
      func accept(with serverTrust: SecTrust, _ completionHandler: ((URLSession.AuthChallengeDisposition, URLCredential?) -> Void)) {
          completionHandler(.useCredential, URLCredential(trust: serverTrust))
      }
  
  }
  

  ---

  Why the the errors are seen in the later two requests ?

  While sending email using SendGrid API, mail isn't being sent, as SSL Pinning is failing. I am not sure where I am going wrong. If I don't go for SSL Pinning, everything works as expected. Any one faced the same problem before?
• Could not create SSL/TLS secure channel using webApplication deployed on IIS

  I have added Client certificate in UAT machine (Testing Server). I am facing issue on IIS server , my desktop test app and SoapUI tool receive response successfully but when i deployed my web application on IIS server it causes exception that "Could not create SSL/TLS secure channel". i added certificate in Trusted Root Certification Authorities. and in my code i get this by

      ServicePointManager.ServerCertificateValidationCallback = new 
      RemoteCertificateValidationCallback(delegate { return true; });
      X509Certificates.X509Store store = new 
      X509Certificates.X509Store(X509Certificates.StoreName.Root, 
      X509Certificates.StoreLocation.LocalMachine);
      X509Certificates.X509Certificate2 cert4 = 
      store.Certificates.Find(X509Certificates.X509FindType.FindByThumbprint, 
      "60 0c 63 d0 54 6f 80 21 de 10 5e 9f bd 5a 8d 78 1f 9f 6c 62", false)[0];
      store.Close();
  
• Dask Client can't connect to dask-scheduler

  I'm on dask 1.1.1 (latest version) and I have started a dask scheduler at the commandline with this command:

  $ dask-scheduler --port 9796 --bokeh-port 9797 --bokeh-prefix my_project
  distributed.scheduler - INFO - -----------------------------------------------
  distributed.scheduler - INFO - Clear task state
  distributed.scheduler - INFO -   Scheduler at:     tcp://10.1.0.107:9796
  distributed.scheduler - INFO -       bokeh at:                     :9797
  distributed.scheduler - INFO - Local Directory:    /tmp/scheduler-pdnwslep
  distributed.scheduler - INFO - -----------------------------------------------
  distributed.scheduler - INFO - Register tcp://10.1.25.4:36310
  distributed.scheduler - INFO - Starting worker compute stream, tcp://10.1.25.4:36310
  distributed.core - INFO - Starting established connection
  

  then... I tried to start up a client to connect to the scheduler using this code:

  from dask.distributed import Client
  c = Client('10.1.0.107:9796', set_as_default=False)
  

  but upon trying to do that, I get an error:

  ...
   File "/root/anaconda3/lib/python3.7/site-packages/tornado/concurrent.py", line 238, in result
    raise_exc_info(self._exc_info)
   File "<string>", line 4, in raise_exc_info
   tornado.gen.TimeoutError: Timeout
  During handling of the above exception, another exception occurred:
  ...
   File "/root/anaconda3/lib/python3.7/site-packages/distributed/comm/core.py", line 195, in _raise
  raise IOError(msg)
  OSError: Timed out trying to connect to 'tcp://10.1.0.107:9796' after 10 s: connect() didn't finish in time
  

  This has been hardcoded in a system that's been running for months now. So I'm just writing this question to verify I'm not doing anything wrong programmatically right? I think it must be something wrong with the environment. Does everything look right to you? what kind of things could be stopping this outside of dask and python? certificates? differing versions of packages? thoughts
• How to redirect .com.sg to .sg in Google App Engine?

  I was using Firebase Hosting, but recently our team decided to change to GAE.

  After we added two custom domains, we need to redirect .com.sg to .sg always.

  Does anyone know how to achieve this feature?

  Am using Nodejs as server language. Any help will be appreciated very much! Cheers
• In firefox is a ajax call deleted before a redirect

  First, in Chrome this working every time 100% and in Firefox not working 100%.

  In a click-event, I want only submit data with ajax to the server for statistics. There is no response needed, it should only submit the data to the server. After submitting ajax-data the visitor should immediately redirect to another page. I can't do redirect after ajax callback or something like async=false, because the calculation takes its time and visitors should not waiting seconds.

  The only solution that I can see, its to use setTimeout() as a workaround for Firefox, so the ajax call is successfully submitted and redirect called after a period of milliseconds. Is there a preferred documented value in milliseconds for this task? So its working 100% for all future versions of Firefox.

  Actual I can only guess a value that working on my pc in my actual firefox version. Is there maybe an official value for this in firefox?

  Is this may be an issue in Firefox? I can fully understand that async=true don't give callbacks with outside redirects.

  But I don't need callbacks, I want only to submit data with ajax. Why firefox kills these requests silently? There is no trace in the network.
• Correct .htaccess to redirect all https:// pages to https://www

  I want to redirect all non-www pages to https://, but only the home page does so as expected. That is, http://kraftgiftbox.com will redirect to https://www.kraftgiftbox.com/ as I expect, that's ok! But none of the sub-level page will, like https://kraftgiftbox.com/odd-shaped-boxes.html, it won't redirect to the www version. I had a .htaccess file as follows:

  RewriteOptions inherit
  RewriteEngine On
  RewriteCond %{SERVER_PORT} 80
  RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
  RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
  RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
  RewriteRule ^(.*)$ https://kraftgiftbox.com/$1 [R,L]
  ErrorDocument 404 /404.shtml 
  RewriteCond %{HTTP_HOST} ^kraftgiftbox\.com$
  RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
  RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
  RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
  RewriteRule ^/?$ "https\:\/\/www\.kraftgiftbox\.com\/" [R=301,L]
  

  Can someone please help me correct the code? Thanks!