Rewrite Rules not working with HTTPS

[Cyphis]

Hi all,

I have a fresh install of Ubuntu 18.04 that I have set up just basic Apache, PHP, MySQL, etc. The problem I'm facing is that my htaccess file is rewriting correctly with an http connection, but not over SSL.

RewriteEngine On
RewriteBase /

# Externally redirect /dir/foo.php to /dir/foo
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.php [NC]
RewriteRule ^ %1/ [R,L]

# Trailing Slash    
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !/$
RewriteRule . %{REQUEST_URI}/ [L,R=301]

As of now, this is the only contents of the file.  This code properly works with a standard http connection.  An example structure of http://example.com/pages/login.php becomes http://example.com/pages/login/

However, over an SSL connection, the browser returns a 404 error.  No errors in the Apache error log.  Nothing of use in the access log.  I'm stumped here.  Any ideas?

[requinix]

Can I assume the rest of the site works?

Did you put these rules into your virtualhost configuration or .htaccess?

[Cyphis]

Yes, everything works perfectly.  I have tried using this both in the htaccess file located in the document root, and the apache conf located: /etc/apache2/sites-available/000-default.conf

What I posted was my htaccess file.  As an example of what I've tried in the apache conf:

<VirtualHost *:80>
	<Directory /var/www/html>
                Options Indexes FollowSymLinks
                AllowOverride All
                Order allow,deny
                allow from all
     
		RewriteEngine On

		# Externally redirect /dir/foo.php to /dir/foo
		RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.php [NC]
		RewriteRule ^ %1/ [R,L]

		# Trailing Slash
		RewriteCond %{REQUEST_FILENAME} !-f
		RewriteCond %{REQUEST_URI} !/$
		RewriteRule . %{REQUEST_URI}/ [L,R=301]
	</Directory>
	
	# The ServerName directive sets the request scheme, hostname and port that
	# the server uses to identify itself. This is used when creating
	# redirection URLs. In the context of virtual hosts, the ServerName
	# specifies what hostname must appear in the request's Host: header to
	# match this virtual host. For the default virtual host (this file) this
	# value is not decisive as it is used as a last resort host regardless.
	# However, you must set it for any further virtual host explicitly.
	#ServerName www.example.com

	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/html

	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
	# error, crit, alert, emerg.
	# It is also possible to configure the loglevel for particular
	# modules, e.g.
	#LogLevel info ssl:warn

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

	# For most configuration files from conf-available/, which are
	# enabled or disabled at a global level, it is possible to
	# include a line for only one particular virtual host. For example the
	# following line enables the CGI configuration for this host only
	# after it has been globally disabled with "a2disconf".
	#Include conf-available/serve-cgi-bin.conf
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

I have restarted apache through SSH, and cleared browser cache for the 301 redirect.  Typed gibberish in the htaccess to force a 500 error to make sure it was being parsed.

[requinix]

<VirtualHost *:80>

If you're supporting HTTP and HTTPS, make sure you have everything on the HTTP side redirecting to the HTTPS side. So don't serve anything over HTTP except for redirects.

[Cyphis]

I have found the culprit

I managed to forget this little snippet in the main /etc/apache2/apache2.conf file:

<Directory /var/www/>
	Options Indexes FollowSymLinks
	AllowOverride None
	Require all granted
</Directory>

For some reason it was allowing the htaccess file to be read through HTTP but not through HTTPS, even with an override set in the default ssl conf file as well.  Changed it from None, and it works!

Thank you for your help!