Project

General

Profile

Actions

Defect #22281

closed

http://redmine.org results in a 403 Forbidden

Added by Holger Just almost 9 years ago. Updated almost 5 years ago.

Status:
Closed
Priority:
Normal
Category:
Website (redmine.org)
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed
Affected version:

Description

It seems that during a change of the webserver configuration for redmine.org, the non-www virtual host has gone missing. It would be great of you could re-introduce this vhost or at least add a redirect to www.redmine.org. Thanks!

http://redmine.org 403 Forbidden
http://www.redmine.org 200 OK
https://redmine.org 200 OK
https://www.redmine.org 200 OK

Related issues

Related to Redmine - Defect #24864: svn.redmine.org: "The certificate is not issued by a trusted authority"Closed

Actions
Has duplicate Redmine - Defect #22392: 403 for redmine.org without wwwClosedJean-Philippe Lang

Actions
Has duplicate Redmine - Defect #22489: Browsing to http://redmine.org/ results in HTTP 403 Forbidden errorClosedJean-Philippe Lang

Actions
Has duplicate Redmine - Defect #22791: Redmine.org => forbiddenClosed

Actions
Has duplicate Redmine - Defect #22896: Root Domain Provides 403 Forbidden ErrorClosed

Actions
Has duplicate Redmine - Defect #24777: Non-www version of redmine.org does not workClosedJean-Philippe Lang

Actions
Has duplicate Redmine - Defect #24834: Redmine website shows 403 errorClosed

Actions
Actions #1

Updated by Shubham Chaudhary almost 9 years ago

Holger Just wrote:

It seems that during a change of the webserver configuration for redmine.org, the non-www virtual host has gone missing. It would be great of you could re-introduce this vhost or at least add a redirect to www.redmine.org. Thanks!

http://redmine.org 403 Forbidden

I wanted to verify. New Delhi. India.

http://www.redmine.org 200 OK
https://redmine.org 200 OK
https://www.redmine.org 200 OK
Actions #2

Updated by Go MAEDA over 8 years ago

  • Has duplicate Defect #22392: 403 for redmine.org without www added
Actions #3

Updated by Toshi MARUYAMA over 8 years ago

  • Has duplicate Defect #22489: Browsing to http://redmine.org/ results in HTTP 403 Forbidden error added
Actions #4

Updated by Toshi MARUYAMA over 8 years ago

Actions #5

Updated by John Leach over 8 years ago

when searching for the term "redmine" using the duckduckgo search engine, http://redmine.org is listed as the first result as the "official site" (which then goes to the 403 forbidden site). So this is quite a bad experience for some people! Arguably ddg should fix this, but presumably they scraped it from somewhere else, so I guess the url is out there.

Actions #6

Updated by Toshi MARUYAMA over 8 years ago

  • Has duplicate Defect #22896: Root Domain Provides 403 Forbidden Error added
Actions #7

Updated by Go MAEDA almost 8 years ago

  • Has duplicate Defect #24777: Non-www version of redmine.org does not work added
Actions #8

Updated by Toshi MARUYAMA almost 8 years ago

  • Has duplicate Defect #24834: Redmine website shows 403 error added
Actions #9

Updated by Toshi MARUYAMA almost 8 years ago

  • Related to Defect #24864: svn.redmine.org: "The certificate is not issued by a trusted authority" added
Actions #10

Updated by Aleksandar Pavic almost 8 years ago

Well since redmine.org is served by apache here is Apache's .htaccess file that I use which is SEO friendly and works in every case, redirecting users from non-www to www, and forcing SSL:


<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTP_HOST} !^www\.
 RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
</IfModule>

You just need to enable mod-rewrite.

Actions #11

Updated by Toshi MARUYAMA almost 8 years ago

+1 forcing SSL.
I don't want to log-in to redmine.org on free Wi-Fi area.

Actions #12

Updated by Fernando Hartmann over 7 years ago

I just realized that http://redmine.org is now returning HTTP 302

~$ curl -v http://redmine.org
* Rebuilt URL to: http://redmine.org/
*   Trying 46.4.36.71...
* Connected to redmine.org (46.4.36.71) port 80 (#0)
> GET / HTTP/1.1
> Host: redmine.org
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 302 Found
< Date: Mon, 22 May 2017 12:39:15 GMT
< Server: Apache
< Location: http://www.redmine.org/
< Vary: Accept-Encoding
< Content-Length: 207
< Content-Type: text/html; charset=iso-8859-1
<
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.redmine.org/">here</a>.</p>
</body></html>
* Connection #0 to host redmine.org left intact

Toshi MARUYAMA wrote:

+1 forcing SSL.
I don't want to log-in to redmine.org on free Wi-Fi area.

Unfortunately this wasn't done, we are redirecting to HTTP, :-/

Actions #13

Updated by Go MAEDA almost 5 years ago

  • Status changed from New to Closed
  • Resolution set to Fixed

Now "GET http://redmine.org" returns "302 Found" instead of "403 Forbidden". In addition, HTTP is redirected to HTTPS.

http://redmine.org 302 Found (Location: https://redmine.org/)
http://www.redmine.org 302 Found (Location: https://www.redmine.org/)
https://redmine.org 200 OK
https://www.redmine.org 200 OK
Actions

Also available in: Atom PDF