summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorhelmo2018-07-13 08:39:11 (GMT)
committerHerman van Rink2018-07-13 08:39:11 (GMT)
commit6c9b9408f4c0be8da4df9cbe5c00eee7fac71db4 (patch)
treef378d1bffe3a1f46e0409d69e9637d6b17482a38
parent936ec1012512b02868749f61824f4bca2ea69def (diff)
Issue #2952366 by helmo, antoine.guichard, memtkmcc: Exclude /.well-known/acme-challenge from "HTTPS Required"HEAD7.x-3.x
-rw-r--r--http/Provision/Config/Apache/vhost.tpl.php4
-rw-r--r--http/Provision/Config/Apache/vhost_disabled.tpl.php5
2 files changed, 9 insertions, 0 deletions
diff --git a/http/Provision/Config/Apache/vhost.tpl.php b/http/Provision/Config/Apache/vhost.tpl.php
index 73b4819..361ecbc 100644
--- a/http/Provision/Config/Apache/vhost.tpl.php
+++ b/http/Provision/Config/Apache/vhost.tpl.php
@@ -42,10 +42,14 @@ if ($this->redirection || $ssl_redirection) {
if ($ssl_redirection && !$this->redirection) {
print " # Redirect aliases in non-ssl to the same alias on ssl.\n";
+ print " # Except for /.well-known/acme-challenge/ to prevent potential problems with Let's Encrypt\n";
+ print " RewriteCond %{REQUEST_URI} '!/.well-known/acme-challenge/'\n";
print " RewriteRule ^/*(.*)$ https://%{HTTP_HOST}/$1 [NE,L,R=301]\n";
}
elseif ($ssl_redirection && $this->redirection) {
print " # Redirect all aliases + main uri to the selected alias https uri.\n";
+ print " # Except for /.well-known/acme-challenge/ to prevent potential problems with Let's Encrypt\n";
+ print " RewriteCond %{REQUEST_URI} '!/.well-known/acme-challenge/'\n";
print " RewriteRule ^/*(.*)$ https://{$this->redirection}/$1 [NE,L,R=301]\n";
}
elseif (!$ssl_redirection && $this->redirection) {
diff --git a/http/Provision/Config/Apache/vhost_disabled.tpl.php b/http/Provision/Config/Apache/vhost_disabled.tpl.php
index 7d03c17..41343be 100644
--- a/http/Provision/Config/Apache/vhost_disabled.tpl.php
+++ b/http/Provision/Config/Apache/vhost_disabled.tpl.php
@@ -15,6 +15,11 @@
?>
RewriteEngine on
+
+ # Redirect ALL visitors to a configured url.
+ # Except for /.well-known/acme-challenge/ to prevent potential problems with Let's Encrypt
+ RewriteCond %{REQUEST_URI} '!/.well-known/acme-challenge/'\n";
+
# the ? at the end is to remove any query string in the original url
RewriteRule ^(.*)$ <?php print $this->platform->server->web_disable_url . '/' . $this->uri ?>?