redireciona http para https usando .htaccess com falha

1

Eu tenho um site que usa SLL flexível CloudFlare hospedado no HostGator.

Desejo redirecionar as solicitações HTTP all para o URL HTTPS correspondente. Sem exceções. Pretendo colocar a regra no topo com L , por isso, quando forem tratadas todas as regras de regravação a seguir, não devem ser testadas.

Meu código atual é este:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

Mas isso resulta em redirecionamentos infinitos para a versão HTTPS. Aqui estão os cabeçalhos HTTP do FireFox Live:

https://example.net/

GET / HTTP/1.1
Host: example.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: da,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/2.0 301 Moved Permanently
Date: Wed, 15 Feb 2017 15:20:35 GMT
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: __cfduid=d07edac1644bccce1642d2c845767f9951487172035; expires=Thu, 15-Feb-18 15:20:35 GMT; path=/; domain=.example.net; HttpOnly
Location: https://example.net/
Server: cloudflare-nginx
cf-ray: 3319bea4dd2f3cfb-CPH
X-Firefox-Spdy: h2


http://ocsp.digicert.com/

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: da,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Length: 83
Content-Type: application/ocsp-request
DNT: 1
Connection: keep-alive 0Q0O0M0K0I0 +

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Content-Type: application/ocsp-response
Date: Wed, 15 Feb 2017 15:20:35 GMT
Etag: "58a44f61-1d7"
Expires: Wed, 22 Feb 2017 03:20:35 GMT
Last-Modified: Wed, 15 Feb 2017 12:53:53 GMT
Server: ECS (arn/459D)
X-Cache: HIT
Content-Length: 471


https://example.net/

GET / HTTP/1.1
Host: example.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: da,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
Cookie: __cfduid=d07edac1644bccce1642d2c845767f9951487172035
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/2.0 301 Moved Permanently
Date: Wed, 15 Feb 2017 15:20:35 GMT
Content-Type: text/html; charset=iso-8859-1
Location: https://example.net/
Server: cloudflare-nginx
cf-ray: 3319bea7ddfb3cfb-CPH
X-Firefox-Spdy: h2


https://example.net/

GET / HTTP/1.1
Host: example.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: da,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
Cookie: __cfduid=d07edac1644bccce1642d2c845767f9951487172035
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/2.0 301 Moved Permanently
Date: Wed, 15 Feb 2017 15:20:36 GMT
Content-Type: text/html; charset=iso-8859-1
Location: https://example.net/
Server: cloudflare-nginx
cf-ray: 3319beaaae7e3cfb-CPH
X-Firefox-Spdy: h2

Eu tenho visto outras perguntas similares, mas a maioria das soluções sugeridas é uma variação do que eu uso atualmente, e eu as experimentei (mas sinta-se à vontade para recomendar o que funcionou para você, e eu tentarei).

    
por Tom 15.02.2017 / 16:29

2 respostas

3

Cloudflare Flexible SSL: secure connection between your visitor and CloudFlare, but no secure connection between CloudFlare and your web server. You don't need to have an SSL certificate on your web server, but your visitors still see the site as being HTTPS enabled. Source

Como você redireciona para HTTPS de seu servidor, em vez de usar uma regra de página do Cloudflare, até mesmo as solicitações HTTPS do cliente sempre acionam a regra de redirecionamento.

1. Client ---> HTTP ----> Cloudflare CDN ----> HTTP ----> Your server
                                                                 | 
                         <-------  Response: Redirect to HTTPS <- 

2. Client ---> HTTPS ----> Cloudflare CDN ----> HTTP ----> Your server
                                                                 | 
                         <-------  Response: Redirect to HTTPS <-

3. Client ---> HTTPS ----> Cloudflare CDN ----> HTTP ----> Your server
                                                                 | 
                         <-------  Response: Redirect to HTTPS <-

O Cloudflare não fala HTTPS no seu servidor da Web e cria um loop de redirecionamento infinito.

Para resolver isso, você precisará remover o redirecionamento do arquivo .htaccess e configurar uma regra de página do Cloudflare.

    
por 15.02.2017 / 16:49
2
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]

Parcialmente tirado de: link

    
por 15.02.2017 / 18:10