Ping a Specific Port

Question

Tils

Asked: 2020-04-26 19:16:43 +0800 CST2020-04-26 19:16:43 +0800 CST 2020-04-26 19:16:43 +0800 CST

Apache .htaccess: SSLRequireSSL produces HTTP 500 internal server error

772

I have an Apache web server hosted on one.com. The OpenSSL module is active and working. I can manipulate .htaccess and I see the reactions. I want to rely on SSL, and redirection by rewriting works fine. Also, I need user authentication. It works fine with AuthType Basic. There is just one downside: When a user requests http://sub.example.com/non-existent-file (without SSL, of course with my real domain name), they will see a log-in prompt without SSL. Of course, I want to prohibit sending passwords unencrypted. I read, the simplest solution would be to use the SSLRequireSSL directive, but my Apache doesn’t seem to like it. Let me break down the example to reproduce the error. A completely black .htaccess file lets the server provide content on both http and https. If I add only SSLRequireSSL and nothing else into .htaccess, I get an HTTP 500 internal server error.

.htaccess

SSLRequireSSL

→ 500 internal server error

Why is that and how should I use SSLRequireSSL instead?

My complete .htaccess file without SSLRequireSSL:

<IfModule mod_rewrite.c>

    RewriteEngine on
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=307]
    Redirect 307 /index.php /pages/welcome.php

</IfModule>

<IfModule mod_authn_file.c>

    AuthName "Get username and password from admin."
    AuthType Basic
    <if "%{REMOTE_ADDR} -ipmatch '192.168.0.0/24'">
        AuthUserFile /home/user/www/sub.example.com/html/.htpasswd
    </if>
    <else>
        AuthUserFile /customers/1/a/0/example.com/httpd.www/sub/.htpasswd
    </else>
    Require valid-user
    Order deny,allow
    Deny from all
    Allow from 192.168.0.0/24 w3.org googlebot.com
    Satisfy Any

</IfModule>

I could not determine my Apache version. The PHP function apache_get_version() does not exist. php_sapi_name() returns cgi-fcgi. I can access an SSH terminal. There is no command starting with apache… or Apache…. But I suppose Apache is running, because in phpinfo() it tells about a constant $_SERVER['SERVER_SOFTWARE'] set to Apache and $_ENV['SERVER_SOFTWARE'] also set to Apache.

1 Answers

Voted

Gerard H. Pille · Answer 1 · 2020-05-01T01:05:09+08:00

Best Answer

Gerard H. Pille

2020-05-01T01:05:09+08:002020-05-01T01:05:09+08:00

This is how I managed it using .htaccess:

RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

<If "%{HTTPS} == 'on'">
    AuthType Basic
    AuthName "Restricted Files"
    AuthBasicProvider file
    AuthUserFile "/var/www/html/secrets/.passwd"
    Require valid-user
</If>

0

Apache .htaccess: SSLRequireSSL produces HTTP 500 internal server error

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?