Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 8th November 2014, 04:19
MostHostLA MostHostLA is offline
Junior Member
 
Join Date: Jan 2014
Posts: 4
Thanks: 2
Thanked 0 Times in 0 Posts
Default HTTPS / HTTP redirect / point issue

I have what I consider an "odd" occurrence:

Every website without an SSL (self signed or not) I run from my server incorrectly redirects to the first website I set up when a client tries to use SSL (https://something.com);

Really I don't know if this is supposed to be intended behavior or not, and if it is I'm at a loss as how to change it.

Normally I would expect that going to "https://something.com" - with no SSL - would alert me to the fact that the connection was untrusted and then proceed to show "http://something.com"

What is happening instead is that when you go to "https://something.com" you get "https://somethingcompletelydifferent.com" - after the untrusted alert.

Again, I have never had this happen before - particularly because why would I use SSL on a site I know it's not set up for it? - but it seems to be a problem specifically towards having clients who wish to just use the SSL protocol for transmitting data without a cert. at all...

... any and all help appreciated
Reply With Quote
Sponsored Links
  #2  
Old 8th November 2014, 11:39
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,804
Thanks: 840
Thanked 5,613 Times in 4,424 Posts
 
Default

What you describe is the normal behaviour of webservers when you use a shared IP address for ssl and non ssl websites. If a website exists as http ony and someone tries to access it by https and there is at least ne https site that uses the same IP, then the first website that has ssl enabled on the same IP address is shown.

There are several solutions for this:

a) use a dedicated IP address for this website or use a ip address for ssl sites and another one for sites without ssl.

b) create a default ssl vhost, so all request for non existing sites go to that default vhost. a default vhost is simply a site with a domain that alwas first in alphabet. like 000default.tld, the domain does not have to exist in dns.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to route a particular URL to both http and https and others to https in Apache uchmannuz Server Operation 0 12th September 2014 16:33
ISPConfig 3 website works on http but fails on https (ssl works) centos6 ISPConfig 3 Priority Support 7 8th February 2014 21:28
haproxy with stunnel problem abubin Server Operation 6 10th April 2012 16:08
ISPConfig HTTPS to HTTP kextra1 Tips/Tricks/Mods 1 30th April 2010 10:50
ISPConfig - From HTTPS to HTTP Hans Installation/Configuration 4 13th February 2006 20:27


All times are GMT +2. The time now is 02:42.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.