Default SSL site

Discussion in 'General' started by SamTzu, Jun 16, 2017.

  1. SamTzu

    SamTzu Member HowtoForge Supporter

    Does any 1 know of an easy way to create or define a default SSL (empty) website that all unwanted SSL requests go to rest?
    Usually if legitimate website that does not use SSL is tried to reach with HTTPS then ISPconfig will return first SSL enabled website (in broken format.) It would be nice if there was a way to force all those wrong HTTPS requests to an empty page.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    A default SSL site is possible, but it will produce SSL errors as the SSL cert of the default site will not contain the domains of all other sites that potentially redirect to it. If you want to have a default site, create a website in ISPConfig which is the first one in alphabet, the domain does not has to be a real domain, you can e.g. use 000default.tld as domain, then enable SSL in the website settings and create a self-signed SSL cert on the SSL tab of the site. As mentioned above, the users will get an SSL error first before they would see the empty site, but at least they will not get content from a wrong website in that case anymore.
     
  3. SamTzu

    SamTzu Member HowtoForge Supporter

    Good idea. I will try that.
    thx
     

Share This Page