To answer your first question, yes, the “RewriteEngine on” conditional stuff is all there. I took your advice and tried out “UseCanonicalName on” in a couple different spots. When I added that to /etc/apache/apache2.conf, it made all subdomains simply forward to the main evelynferwalt.com domain. You’d try to go to videos.evelynferwalt.com, for example, and it’d forward to https://evelynferwalt.com.
When I added UseCanonicalName on to /etc/apache2/sites-enabled/evelynferwalt.com.conf, it did the same thing. When I tried to add UseCanonicalName to the evelynferwalt.com-le-ssl.conf, it didn’t do anything. You can see these options commented out below.
I’m still stuck with this problem! From what I can tell my config files are really weirdly set up anyway, so maybe it has to do with the way certbot automatic install + my manual fiddling might have jumbled the code.
Below is the current contents of /etc/apache2/sites-enabled/evelynferwalt.com.conf:
<Directory "/var/www/evelynferwalt.com">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<VirtualHost *:80>
#~~~Recommended fix: use canonical name
#UseCanonicalName on
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName evelynferwalt.com
ServerAlias www.evelynferwalt.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/evelynferwalt.com
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.evelynferwalt.com [OR]
RewriteCond %{SERVER_NAME} =evelynferwalt.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Below is the current contents of /etc/apache2/sites-enabled/evelynferwalt.com-le-ssl.conf:
<IfModule mod_ssl.c>
<VirtualHost *:443>
#~~~Suggested fix: use canonical name
#UseCanonicalName on
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName evelynferwalt.com
ServerAlias www.evelynferwalt.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/evelynferwalt.com
<Directory /var/www/www.example.com/public_html>
Options -Indexes +FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
SSLCertificateFile /etc/letsencrypt/live/evelynferwalt.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/evelynferwalt.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>