Debian 11 and symlinks

much better :slight_smile:

1 Like

the transvision one is not pointing at my new host yet (and i don't try to issue a certificate for it for now)

Let's have a look at this file:
cat /etc/apache2/sites-enabled/000-default.conf

1 Like

That does not matter. Only the 13juillet and portugalenfrancais should.

1 Like

OMG

<VirtualHost *:80>
	# The ServerName directive sets the request scheme, hostname and port that
	# the server uses to identify itself. This is used when creating
	# redirection URLs. In the context of virtual hosts, the ServerName
	# specifies what hostname must appear in the request's Host: header to
	# match this virtual host. For the default virtual host (this file) this
	# value is not decisive as it is used as a last resort host regardless.
	# However, you must set it for any further virtual host explicitly.
	#ServerName www.example.com

	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/html

	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
	# error, crit, alert, emerg.
	# It is also possible to configure the loglevel for particular
	# modules, e.g.
	#LogLevel info ssl:warn

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

	# For most configuration files from conf-available/, which are
	# enabled or disabled at a global level, it is possible to
	# include a line for only one particular virtual host. For example the
	# following line enables the CGI configuration for this host only
	# after it has been globally disabled with "a2disconf".
	#Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =francoportugais.com [OR]
RewriteCond %{SERVER_NAME} =*.francoportugais.com [OR]
RewriteCond %{SERVER_NAME} =*.portugalenfrancais.com [OR]
RewriteCond %{SERVER_NAME} =portugalenfrancais.com [OR]
RewriteCond %{SERVER_NAME} =lusitanie.fr [OR]
RewriteCond %{SERVER_NAME} =*.lusitanie.fr
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

[fingers crossed]

Check that SSLEngine is on in the default port 443 virtualhost:

     default server 13juillet.com (/etc/apache2/sites-enabled/13juillet.com.conf:2)

I don't think apache can turn ssl on and off based on sni.

1 Like

Let's have a look at:
cat /etc/apache2/sites-enabled/13juillet.com.conf

1 Like

[edited - fingers crossed]

<IfModule mod_ssl.c>
<VirtualHost *:443>
Protocols h2 h2c http/1.1
DocumentRoot /var/www/13juillet.com
ServerAlias *.13juillet.com
ServerName 13juillet.com
ServerAdmin joriavlis@gmail.com

RewriteEngine On
RewriteCond %{HTTP_HOST} !^13juillet\.com$
RewriteRule (.*) https://13juillet.com$1 [L,R=301]

<Directory /var/www/13juillet.com>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>


</VirtualHost>

<VirtualHost *:80>

DocumentRoot /var/www/13juillet.com
ServerAlias *.13juillet.com
ServerName 13juillet.com
ServerAdmin joriavlis@gmail.com

RewriteEngine On

RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://13juillet.com%{REQUEST_URI} [R=301,L]

RewriteCond %{SERVER_NAME} =13juillet.com [OR]
RewriteCond %{SERVER_NAME} =*.13juillet.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
</IfModule>

The 443 vhost is missing:
include /etc/letsencrypt/options-ssl-apache.conf

1 Like

Yeah, you should add this line in there:

1 Like

in the 13juillet file ? Or in the default file ?

13Juillet
In the 443 section.

2 Likes

Which it is missing a cert - LOL
And the rewrite will loop to itself.

1 Like

THANK YOOUUUU !!

It worked !!
I would never find it by myself, you guys are incredible ^^ ...

So it was looping ?

But my question : why when I try to do it automatically, the vhost files are not edited ? Nothing happens...

2 Likes

Not looping [yet - that will happen when you add the cert to it].
It was using "SSLEngine OFF" [since it never set it ON] for the entire server.
Since the files in the enabled folder are processed alphabetically...
13.. comes before any of the words and was processed first.
And that one file "broke" your server.

1 Like

so if I understand it correctly, my first vhost file is more important in the hierarchy than the "defaults" files ?

There was no "_default_" (named) file for 443.

1 Like

It will, because you have the same redirect in the 443 and 80 sections. You only want it in the 80 section.

If there is no 443 vhost, one will be created. If there is one, I don't know. Certbot might try and install the certificate but I'm not sure what will happen.

1 Like

The first (alphabetically) IS the default file.

(this is why I have a 000_default.conf file in my sites-enabled)

1 Like

It becomes the "default" file - not to be confused with files in that folder that have the name "default" OR "_default_".
NOTE: Alphabetically "_" is seen before numbers (which are before letters).

2 Likes