.htaccess - 使 SSL/HTTPS 与 Symfony2 一起工作时遇到问题

Question

网站在没有 https 的情况下加载正常，但是当我添加以下两行时，网站只显示根目录内容:

RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://www.website.com/$1 [L,R=301]

.htaccess

# Use the front controller as index file. It serves as a fallback solution when
# every other rewrite/redirect fails (e.g. in an aliased environment without
# mod_rewrite). Additionally, this reduces the matching process for the
# start page (path "/") because otherwise Apache will apply the rewriting rules
# to each configured DirectoryIndex file (e.g. index.php, index.html, index.pl).
DirectoryIndex app.php

<IfModule mod_rewrite.c>
    RewriteEngine On

    RewriteCond %{HTTP_USER_AGENT} libwww-perl.*
    RewriteRule .* – [F,L]

    RewriteCond %{HTTP_HOST} !^www.website.com$ [NC]
    RewriteRule ^(.*)$ http://www.website.com/$1 [L,R=301]

    RewriteCond %{HTTPS} !=on
    RewriteRule ^(.*)$ https://www.website.com/$1 [L,R=301]

    # Determine the RewriteBase automatically and set it as environment variable.
    # If you are using Apache aliases to do mass virtual hosting or installed the
    # project in a subdirectory, the base path will be prepended to allow proper
    # resolution of the app.php file and to redirect to the correct URI. It will
    # work in environments without path prefix as well, providing a safe, one-size
    # fits all solution. But as you do not need it in this case, you can comment
    # the following 2 lines to eliminate the overhead.
    # RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
    # RewriteRule ^(.*) - [E=BASE:%1]

    # Redirect to URI without front controller to prevent duplicate content
    # (with and without `/app.php`). Only do this redirect on the initial
    # rewrite by Apache and not on subsequent cycles. Otherwise we would get an
    # endless redirect loop (request -> rewrite to front controller ->
    # redirect -> request -> ...).
    # So in case you get a "too many redirects" error or you always get redirected
    # to the start page because your Apache does not expose the REDIRECT_STATUS
    # environment variable, you have 2 choices:
    # - disable this feature by commenting the following 2 lines or
    # - use Apache >= 2.3.9 and replace all L flags by END flags and remove the
    #   following RewriteCond (best solution)
    RewriteCond %{ENV:REDIRECT_STATUS} ^$
    RewriteRule ^app\.php(/(.*)|$) %{ENV:BASE}/$2 [R=301,L]

    # If the requested filename exists, simply serve it.
    # We only want to let Apache serve files and not directories.
    RewriteCond %{REQUEST_FILENAME} -f
    RewriteRule .? - [L]

    # Rewrite all other queries to the front controller.
    RewriteRule .? %{ENV:BASE}/app.php [L]
</IfModule>

<IfModule !mod_rewrite.c>
    <IfModule mod_alias.c>
        # When mod_rewrite is not available, we instruct a temporary redirect of
        # the start page to the front controller explicitly so that the website
        # and the generated links can still be used.
        RedirectMatch 302 ^/$ /app.php/
        # RedirectTemp cannot be used instead
    </IfModule>
</IfModule>

<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE text/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE text/x-component
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/richtext
    AddOutputFilterByType DEFLATE image/svg+xml
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/xsd
    AddOutputFilterByType DEFLATE text/xsl
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE image/x-icon
    AddOutputFilterByType DEFLATE application/json
</IfModule>

编辑:

虚拟主机

<VirtualHost xxx.x.xx.x:80>
    ServerName website.com
    ServerAlias www.website.com
    ServerAdmin contact@website.com

    DocumentRoot /home/website/public_html/web
    <Directory /home/website/public_html/web>
        # enable the .htaccess rewrites
        AllowOverride All
        Order allow,deny
        Allow from All
    </Directory>
</VirtualHost>

Answer 1

如果你在 app/routing.yml 中设置它，你就不必搞乱 .htaccess。以下是您可以如何为特定网址声明它

secure_path:
    path:     /secure
    defaults: { _controller: AcmeDemoBundle:Main:secure }
    schemes:  [https]

这是 symfony 官方食谱中的示例 http://symfony.com/doc/current/cookbook/routing/scheme.html = 我确认这在我的项目中有效。

编辑 在您发布您的编辑后，我可以确定您没有为 443 创建虚拟主机。这是工作示例:

<VirtualHost *:443>
  ServerName example.tld
  ServerAlias www.example.tld

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/your-cert-here.crt
SSLCertificateKeyFile /etc/apache2/ssl/your-key-here.key
SSLOptions StrictRequire
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
SSLCertificateChainFile /etc/apache2/ssl/file-chain.ca.pem
SSLCACertificateFile /etc/apache2/ssl/file.ca.pem

  DocumentRoot "/path/to/your/app/web"
  DirectoryIndex index.php
  <Directory "/path/to/your/app/web">
    AllowOverride All
    Allow from All
    Options -Indexes
 </Directory>

</VirtualHost>

当然要早点拿到证书

问候