Redirection problem with non SSL-sites

Discussion in 'ISPConfig 3 Priority Support' started by Adde, Dec 1, 2016.

  1. Adde

    Adde New Member HowtoForge Supporter

    Hello,

    I have a couple of sites hosted on my ISPConfig 3 server and the majority of them use the LetsEncrypt SSL-certificates.
    They all force SSL usage with the following Apache-directive (individually per site):
    Code:
    RewriteEngine on
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] 
    Works flawlessly with sites that has the LetsEncrypt certificate.

    However.. For the sites that does not have any certificates and no RewriteRules, if I input https://domain.com for that non SSL activated site, I'm redirected to ANOTHER webpage on my server (seems to redirect to the first SSL activated page in alphabetical order(not confirmed)).

    Is this the expected behavior? If not, how can I prevent this from happening? It's somewhat embarrasing towards some customers sometimes when this happens :)

    And yes, for the most part I could activate SSL on all the sites but I want to understand what is happening under the hood and why.

    Scenario:
    https://encryption-DISABLED-site.com --Redirects--> https://another-encryption-ENABLED-site.com

    I'd gladly share more information, just let me know what you need from me.
     
  2. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    If calling a website that has no ssl active the first website with ssl active will always be shown. This cannot be changed.
    What you can do is creating a default website with ssl active that either redirects to non-ssl or shows a "no ssl available page". You have to make it load first by naming the vhost file something like 000-alwaysnossl.conf (because apache loads them in alphabetical order).
     
    Adde likes this.
  3. Adde

    Adde New Member HowtoForge Supporter

    Thanks a bunch Croydon, will try that out!
     
  4. Adde

    Adde New Member HowtoForge Supporter

    Hi again!
    Just came around to try this out now but I can't figure out how to and where to put the file. sites-available or enabled?
    If it's no to much to ask, could you provide the content for this file?

    Regards,
    Adde
     
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    You can e.g. create that site in ispconfig, then enable ssl for that site, then uncheck the "active" checkbox in the site settings and finally create a symlink in the sites-enabled folder pointing to the vhost file which you find in the sites-enabled folder, then restart apache.
     

Share This Page