Disable SSL for Single Directory on Apache Virtual Host (SOLVED)

I see… Do you know of a helpful tutorial on how to configure such a thing? I don’t know where to begin.

What was the issue with the suggestion provided earlier ? in what way did it not work ?

After typing in exactly what you posted, the URL was still directed to HTTPS.

Did you reload apache after editing it ? and do you have any other redirects anywhere (.htaccess ) ?

Yes, I did restart Apache and no, there are no .htaccess files or other redirects that I am aware of. I checked the Apache user list for a thread, but there are so many topics I can’t quite capture the right specificity of search terms. Anyone know of a good site for Apache support? I can here because I’m using Let’s Encrypt, but I think this is more of an Apache configuration issue, am I right? Thanks for the help so far.

You are right this is more of an apache issue, yes.

I’m a little surprised that didn’t work. I’d also suggest just commenting out that section to test that is the only code causing a redirect. Also be careful how you test - if you are testing in a browser, it will remember the previous instruction for a “permanent” redirect - and redirect anyway (even without the code, since it has cached the information).

I’m a little surprised there isn’t more support on the Internet regarding this topic, but thanks for help anyway. This thread looks like a dead end. :confused:

It might work if you remove this line.

1 Like

It work for me:

<VirtualHost *:80>
    ServerAdmin postmaster@example.com
    DocumentRoot /home/example.com/htdocs/www
    ServerName example.com 
    RedirectMatch 301 ^/((?!.well-known\/acme-challenge).*)$ https://example.com/$1
</VirtualHost>

Using mod_alias

Using what you typed there, how would my configuration look? I’m sorry, I find Apache very hard to understand even after reading the docs multiple times.

So the basic problem with your existing configuration is that you’re actually doing the redirect twice: first with mod_alias (Redirect) and then again with mod_rewrite (RewriteRule). You should pick one to fix, and remove the other.

If you choose mod_alias, use @Shnoulle’s suggestion, which in your case would look like this:

<VirtualHost *:80>
  ServerName adventuresoftron.com
  ServerAlias www.adventuresoftron.com
  RedirectMatch 301 ^/((?!aa/resource).*)$ https://adventuresoftron.com/$1
</VirtualHost>

If you prefer to use mod_rewrite, use @serverco’s suggestion:

<VirtualHost *:80>
  ServerName adventuresoftron.com
  ServerAlias www.adventuresoftron.com
  RewriteEngine on
  RewriteRule ^(aa/resource)($|/) - [L]
  RewriteCond %{SERVER_NAME} =adventuresoftron.com [OR]
  RewriteCond %{SERVER_NAME} =www.adventuresoftron.com
  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

In either case, the configurations above should replace your existing <VirtualHost *:80> section, while the <VirtualHost *:443> section should remain unchanged.

1 Like

@jmorahan, that helps me understand Apache much better, thank you. Unfortunately it does not solve the problem. At this point I wish I had not used the Let’s Encrypt binary and installed certificates manually because I have no idea what the program did to make this so difficult.

It seems to me that having some non-SSL resources on a server should be a much more common considering we are still transitioning to the encrypted web and there are a lot of old services out there. Now it looks like I must go backwards to HTTP only. This is a real disappointment. I wish there was an expert who could help me.

There are plenty of experts here, and I’m sure they would be happy to help if you fully describe the problem you’re still having :slight_smile: eg maybe if you post the exact config you tried, someone might spot the problem. You did reload apache and clear your browser cache again, right?

1 Like

I’m not exactly sure what more I can say. I used the letsencrypt binary from the Ubuntu 16 reprository to convert my dozen or so virtual servers from HTTP to HTTPS. It worked great. However, I now want resources in a single directory of one virtual server to be accessible to a service on a different server.

I have posted the two configs for my virtual server. I could post more apache configs, but which? There are dozens and I have no idea which ones were edited by /bin/letsencrypt. As far as testing goes, I’m not even checking with my browser, I’m checking with the service that needs access. I’ve reloaded apache, restarted apache, restarted my machine after every change.

Last night I disabled everything in *:443 and declared my DocumentRoot in *:80. My site is no longer encrypted (booooo), but the service in question can now access the resources.

Thanks to everyone for their help and patience. I’ll gladly take more advice.

Aha! I hadn't noticed that this was missing before. You need a DocumentRoot on port 80 to serve content from there, even if you also have one on port 443. Maybe try adding that into one of the examples? Such as:

<VirtualHost *:80>
  ServerName adventuresoftron.com
  ServerAlias www.adventuresoftron.com
  DocumentRoot /var/www/html/aot
  RedirectMatch 301 ^/((?!aa/resource).*)$ https://adventuresoftron.com/$1
</VirtualHost>

and re-enable the *:443 config of course.

1 Like

IT WORKS!

Thanks for your help jmorahan. Your explanations have helped me understand Apache a little better and I hope I can help someone else with this new understanding. PM me your PayPal address and I’ll buy you a 6-pack of your favorite beverage. :relieved:

Glad you got it sorted!

If you feel like donating, please donate to ISRG to help keep this awesome service running :slight_smile:

1 Like

Great idea, I just left a donation. :heavy_dollar_sign:

1 Like

In case a n00b like me is reading this and wants to learn more about Apache, Digital Ocean just released a good introduction to some of the ideas in this thread.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.