htaccess rewrite rule not working with file extentions
I have two domains setup on the same folder on a server.
i.e.
dl.d123.com @ /var/www/public_html/dl.domain123.com
dl.domain123.com @ /var/www/public_html/dl.domain123.com
I have an htaccess file in /var/www/public_html/domain123.com with the following lines:
RewriteEngine On
#Rewrite URLs to one SSL domain
RewriteCond %{HTTP_HOST} ^dl\.d123\.com [NC]
RewriteRule ^(.*)$ https://dl.domain123.com/$1 [L,R=301,NC]
This rule is working fine with any URLs that does not contain file extension
dl.d123.com/folder1/folder2 redirects to dl.domain123.com/folder1/folder2
but doesnt work with any URL that contains a file extension
dl.d123.com/folder1/folder2/index.html stays the same.
It's not just html extension. Same thing with i.e. png files.
The server is setup with nginx as proxy.
nginx:80/443 -> apache:8080/8443
EDIT: (Domain name and IPs changed for privacy/security) Nginx configs :80
server {
listen 123.123.123.123:80;
server_name dl.domain123.org www.dl.domain123.org;
access_log /usr/local/apache/domlogs/dl.domain123.org.bytes bytes;
access_log /usr/local/apache/domlogs/dl.domain123.org.log full;
error_log /usr/local/apache/domlogs/dl.domain123.org.error.log error;
location / {
location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh|webp)$ {
root /home/s4h/dl.domain123.org;
expires max;
try_files $uri $uri/ @backend;
}
error_page 405 = @backend;
error_page 500 = @custom;
add_header X-Cache "HIT from Backend";
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
proxy_pass http://123.123.123.123:8181;
include proxy.inc;
}
location @backend {
internal;
proxy_pass http://123.123.123.123:8181;
include proxy.inc;
}
location @custom {
internal;
proxy_pass http://123.123.123.123:8181;
include proxy.inc;
}
location ~ .*\.(php|jsp|cgi|pl|py)?$ {
proxy_pass http://123.123.123.123:8181;
include proxy.inc;
}
location ~ /\.ht {deny all;}
location ~ /\.svn/ {deny all;}
location ~ /\.git/ {deny all;}
location ~ /\.hg/ {deny all;}
location ~ /\.bzr/ {deny all;}
location ~\.(ini|log|conf)$ {deny all;error_page 403 =404 / ;}
disable_symlinks if_not_owner from=/home/s4h/dl.domain123.org;
location /.well-known/acme-challenge {
default_type "text/plain";
alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
}
location /.well-known/pki-validation {
default_type "text/plain";
alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
}
}
Nginx configs:443
server {
listen 123.123.123.123:443 ssl ;
server_name dl.domain123.org www.dl.domain123.org;
access_log /usr/local/apache/domlogs/dl.domain123.org.bytes bytes;
access_log /usr/local/apache/domlogs/dl.domain123.org.log full;
error_log /usr/local/apache/domlogs/dl.domain123.org.error.log error;
ssl_certificate /etc/pki/tls/certs/dl.domain123.org.bundle;
ssl_certificate_key /etc/pki/tls/private/dl.domain123.org.key;
ssl_protocols TLSv1.2;
ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA!RC4:EECDH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 60m;
location / {
location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh|webp)$ {
root /home/s4h/dl.domain123.org;
expires max;
try_files $uri $uri/ @backend;
}
error_page 405 = @backend;
error_page 500 = @custom;
add_header X-Cache "HIT from Backend";
add_header Strict-Transport-Security "max-age=31536000";
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
proxy_pass http://123.123.123.123:8181;
include proxy.inc;
}
location @backend {
internal;
proxy_pass http://123.123.123.123:8181;
include proxy.inc;
}
location @custom {
internal;
proxy_pass http://123.123.123.123:8181;
include proxy.inc;
}
location ~ .*\.(php|jsp|cgi|pl|py)?$ {
proxy_pass http://123.123.123.123:8181;
include proxy.inc;
}
location ~ /\.ht {deny all;}
location ~ /\.svn/ {deny all;}
location ~ /\.git/ {deny all;}
location ~ /\.hg/ {deny all;}
location ~ /\.bzr/ {deny all;}
location ~\.(ini|log|conf)$ {deny all;error_page 403 =404 / ;}
disable_symlinks if_not_owner from=/home/s4h/dl.domain123.org;
location /.well-known/acme-challenge {
default_type "text/plain";
alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
}
location /.well-known/pki-validation {
default_type "text/plain";
alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
}
}
dl.d123.com Nginx, Only port 80,, no SSL installed.
server {
listen 123.123.123.123:80;
server_name dl.d123.com www.dl.d123.com;
access_log /usr/local/apache/domlogs/dl.d123.com.bytes bytes;
access_log /usr/local/apache/domlogs/dl.d123.com.log full;
error_log /usr/local/apache/domlogs/dl.d123.com.error.log error;
location / {
location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh|webp)$ {
root /home/s4h/dl.domain123.com;
expires max;
try_files $uri $uri/ @backend;
}
error_page 405 = @backend;
error_page 500 = @custom;
add_header X-Cache "HIT from Backend";
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
proxy_pass http://123.123.123.123:8181;
include proxy.inc;
}
location @backend {
internal;
proxy_pass http://123.123.123.123:8181;
include proxy.inc;
}
location @custom {
internal;
proxy_pass http://123.123.123.123:8181;
include proxy.inc;
}
location ~ .*\.(php|jsp|cgi|pl|py)?$ {
proxy_pass http://123.123.123.123:8181;
include proxy.inc;
}
location ~ /\.ht {deny all;}
location ~ /\.svn/ {deny all;}
location ~ /\.git/ {deny all;}
location ~ /\.hg/ {deny all;}
location ~ /\.bzr/ {deny all;}
location ~\.(ini|log|conf)$ {deny all;error_page 403 =404 / ;}
disable_symlinks if_not_owner from=/home/s4h/dl.domain123.com;
location /.well-known/acme-challenge {
default_type "text/plain";
alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
}
location /.well-known/pki-validation {
default_type "text/plain";
alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
}
}
Solution 1:
The reason is the following block in nginx configuration:
location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh|webp)$ {
root /home/s4h/dl.domain123.org;
expires max;
try_files $uri $uri/ @backend;
}
This tells nginx to serve files directly with the mentioned extensions. Note, the list has .html and .png extensions.
You should do the redirect inside nginx:
server {
listen 123.123.123.123:80;
server_name dl.d123.com www.dl.d123.com;
access_log /usr/local/apache/domlogs/dl.d123.com.bytes bytes;
access_log /usr/local/apache/domlogs/dl.d123.com.log full;
error_log /usr/local/apache/domlogs/dl.d123.com.error.log error;
location / {
return 301 https://www.dl.domain123.org$request_uri;
}
}