Problems with https/http redirecting

Discussion in 'Installation/Configuration' started by pyte, Oct 28, 2021.

  1. pyte

    pyte New Member

    Hi Guys!
    We are running a ISPConfig3 instance with around 300 Websites/Hosting Spaces. A lot of these are just for redirecting to other sites which works fine. Some of our sites use LetsEnrcrypt for encryption others, in most cases the redirecting ones, dont use SSL at all. The problem in this case is if a user browses a website where SSL is not enabled and uses https:// a certifikate of another website gets displayed with a error message. I assume this happens because apache looks for a valid 443 entrie and uses the first one it can find.

    Is there a way to stop this behaviour other than enabling SSL for every site? Maybe any redirect to :80 even if the user typed https:// for sites without SSL enabled?

    Thnak you in advance!
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    There are not many options, either enable ssl for all sites, or use a different IP address for SSL sites and one for sites without SSL. The issue behind that is apache and nginx both redirect access to a site that does not listen on the desired port (in this case 443 for https) to the first site they find instead.
     
    pyte likes this.
  3. pyte

    pyte New Member

    Thank you for the quick answer!

    The solution with another IP adresse sounds great. I can just add another web-server and use that one for non-SSL only.

    Cheers!
     
  4. Steini86

    Steini86 Active Member

    If you have another web-server, this is probably the best solution. However, in principle you do not need that. If your server has 2 IP addresses (no problem for IPv6, might cost extra for IPv4), your web-server (apache/nginx) can listen on both and you can set the websites to listen to their specific IP. For sure, you have to make sure to keep track of the correct dns settings, too.
     

Share This Page