Virtual Host not Redirecting to https?

My domain is: handmademama.net

My web server is (include version): apache2 version 2.4.29

The operating system my web server runs on is (include version): Ubuntu 18.04

My hosting provider, if applicable, is: self hosted on Linode cloud server

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.31.0

071920_virtualhost

Why is this configuration not redirecting traffic to https?

I also tried adding another VirtualHost block like:
071920_vhost443
but had no success

What’s the certbot error? Nevermind, you’re manually trying to add the redirect.

I also have this file created by certbot:
071920_vhost443
not sure why there are two port 80 blocks. Both this file and the other are enabled on Apache. I was thinking maybe get rid of second 80 block, add my other domain redirect, disable the other file, and just use this one?

Certbot added it for me. I am not having any Certbot errors. When I use ssl labs to test the site I get a B grade (I need to disable tlsv1) and it says that the site is secure and has no problem with the certificate. However, when I tested the site on whynopadlock, it stated that traffic is not being redirected to https. I thought the RewriteRule in the first file was doing this redirect though so I am unsure of what the problem is.

1 Like

Hi @code4gdtyme

if your redirect doesn’t work, there are some options:

  • The redirect is wrong
  • the vHost isn’t used.
  • there is another application that manages the vHosts

http + non-www -> http status 200
http + www -> redirect to http + non-www.

Combinations of port and domain names must be unique.

What says

apachectl -S

PS: There is a wp_woocommerce_session_d05ce0d575061e16828b7683436bc626 cookie. Is that Apache really used?

2 Likes

Okay I am starting to think the wrong vhost is being used. What do you mean by your p.s. ? I am aware of that cookie I am just not understanding what you are asking.

Where is that redirect www -> non-www defined?

That redirect works with http and https - see https://check-your-website.server-daten.de/?q=handmademama.net#url-checks

That vHost is used.

2 Likes

I am using a Linode cloud server so it is defined in the DNS Manager


This is how the DNS manager is used. You can also manually configure DNS and set it up to prefer those files versus DNS manager settings.

A http redirect isn’t defined in your dns settings.

These are two completely different things.

Read the output of the check - a DNS CNAME has nothing to do with a server http status 301 - Redirect.

2 Likes

Sorry, I get confused by your replies. Is the redirect not defined in the first file of this post?

1 Like

Yes, but under normal circumstances this redirect works perfectly. For some reason, something is interfering. However, we can’t see the interfering part, probably because you’ve only posted a part of the total Apache configuration. Perhaps it could even be a .htaccess configuration issue.

Therefore, @JuergenAuer asked for the output of apachectl -S previously.

1 Like

Okay, I must have missed that. Here is the output:

1 Like

You’ve many duplicate virtualhosts for your .net domain! You even have a port 80 virtualhost in the ~-le-ssl.conf file? Why’s that? Normally, certbot uses the port 80 virtualhost from the regular conf file to generate a separate ~-le-ssl.conf file for just the port 443 virtualhost.

I’m pretty sure you’ve got to clean up your configuration so there’s only a single port 80 virtualhost for each domain. And I think it’s best to keep the port 80 virtualhosts to the regular conf file and keep the port 443 virtualhosts in the -le-ssl.conf file.

1 Like

Certbot created the entire ssl.conf and I made zero changes. I made the other one myself that I posted at the top. Okay so I am going to take the port 80s out of ssl.conf and take the port 443 out of the other. Then I am going to make separate files for the other domains like handmademama.shop.conf and an ssl.conf to go with each. Does that sound right?

1 Like

certbot should not have put the port 80 virtualhost in that file. Perhaps there already was a surplus of port 80 virtualhosts before certbot ran?

Very good. Check with apachectl -S that it only has one port 80 virtualhost in the non-le-ssl conf files per domain and only one port 443 in the le-ssl-conf files.

Do you have a certificate for those domains? You can check with certbot certificates.

1 Like

Maybe I somehow did that while configuring Apache or something, but I feel like the file did not exist before I used Certbot

No I will need to generate them. I tried previously but my configuration was not right.

Thank you for your help. I will be sure to post when I get it working and/or if I run into problems

Hm, I do see a certificate for all your domains: https://crt.sh/?id=3100422893

Is that certificate still around? Check with certbot certificates.

1 Like

It appears to be:
image

1 Like

You can also use that certificate with the -0002 postfix. Unfortunately, I recon it’s easier to make the modifications to your Apache configuration manually, as you’re already manually editing the files, than to let certbot do it.

1 Like