Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
Https configuration
  • arturfcoutoarturfcouto
    Hi, I'm trying to force my application to only use HTTPS, so, I used this code in my .htaccess file:

    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]

    But, when I'm using https, fuel doesnt recognize the "paths" of my pages. 
    If I have a controller named "PAGE" and try to access via https://example.com/page I get a 404 not found error...
    While if I access my assets folder in https, unlike in http where I get a 403 forbidden error, it receive the list of the folders and files on it...

    Anyone have any clue?

    Thx!!
  • HarroHarro
    Any hardcoded HTTP in your app config?
  • arturfcoutoarturfcouto
    My app/config.php file is standard, my base url is defined as null.

    Also, this configs are set:

    'uri_filter'       => array('htmlentities'),
    'output_filter'  => array('Security::htmlentities'),

    I made a "Certbot" installation on my server, a free certified from Lets Encrypt. The program has made some modifications on apache. This can be the cause?


    Ty!

  • HarroHarro
    Possible, I don't know.

    Doesn't HTTPS work at all, or only not when you try to redirect?

    And why do you get a "forbidden" when you try to access assets over HTTP?
  • arturfcoutoarturfcouto
    Https is working fine, but not when using "custom url". If I try acess an existent file or directory its ok, but when I try to acess a controller page, it try to find an existent folder with that name, ignoring the custom url.

    Look:
    35.199.117.226/welcome = OK
    https://35.199.117.226/welcome = not found

    I'll try to unistall or modify the certbot, or maybe reinstall apache

    Thx!
  • HarroHarro
    I doubt that is the problem, since loading assets over HTTPS works fine. 

    I'd rather think the problem is in your rewrite rules. The default .htaccess that is suppied by Fuel works on both http and https sites. so if you start by reinstating that, and once that works over https, add a redirect from http to https?

  • arturfcoutoarturfcouto
    My .htaccess is the default one, I overlap with the 1.9 default and the problem persist

    It looks like when I try to acess via https, my apache ignore the .htaccess files and so the "friendly url" that Fuel have. I can acess every file or directory that actually exist on that path, but when trying to acess some url when the friendly url is applicable, I get 404, like /welcome, because there is no folder named welcome.

    I'm using Google Cloud Platform (Compute Engine), and restore my server to a lamp-stack image, the only commands to enable https I did after was:

     sudo a2ensite default-ssl
     sudo a2enmod ssl

    It is really odd, I can't even find on the web for other people with the same problem...

    Thx for helping me!

  • arturfcoutoarturfcouto
    Assuming that my HTTPS was "ignoring" the .htacces file I looked in my apache2.conf

    For some reason my allowoverride was none by default:

    <Directory /var/www/>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
    </Directory>

    Changed AllowOverride to All and now is all working like a charm

    Thank you very much for your help!!
  • HarroHarro
    That explains! Good you found the issue, and thanks for the feedback.
Add a Comment

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Categories

In this Discussion