hi
i have one https site with certificate
whenever someone types in the url of any other domain with https protocol (like https://globalsolidarity.eu), then he is redirected to that site (https://cvsite.info)
the https site is running on the same IP as all other sites, only on port 443 obviously.
I can understand it falls back to the default https site. However I want to change that behavior and show a standard message, something like: Please use http in the url, not https.
It sounds like you may have some mod_rewrite stuff going on in your ssl.conf.
I believe you use CentOS, correct?
What does this show:
grep -i rewrite /etc/httpd/conf,d/ssl.conf
If mod_rewrite is what’s being used there, you should be able to tweak it to go to a custom page that has a message you want (or, if you preferred, to automatically redirect to the “http” URL).
-Eric
I’m not sure which setting is doing that (and my system doesn’t redirect the way yours does).
Is there any rewrite code in /etc/httpd/conf/httpd.conf?
If not, would you consider posting your ssl.conf file? Feel free to hide any actual sites or ip addresses, but I’m curious what other settings are active in there.
-Eric
#
# This is the Apache server configuration file providing SSL support.
# It contains the configuration directives to instruct the server how to
# serve pages over an https connection. For detailing information about these
# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
LoadModule ssl_module modules/mod_ssl.so
When we also provide SSL we have to listen to the
the HTTPS port in addition.
Listen *:443
SSL Global Context
All SSL configuration in this context applies both to
the main server and all SSL-enabled virtual hosts.
Some MIME-types for downloading Certificates and CRLs
I’m sorry Ronald, I guess I’ve been stalling on a reply as I’m not sure sure what’s doing that redirect
In theory, having a *:443 wouldn’t generate an actual redirect; it would just attempt to listen on all interfaces (which is actually undesirable, but probably isn’t what we’re looking for here).
You don’t happen to have a .htaccess file in the public_html dir that may be doing that, do you?
-Eric
i have the default joomla .htaccess in there, but the ‘redirect’ is taking place before one reaches the https site.
I have the idea that apache is simply delivering the first ssl site it sees. Would that be correct?
.htaccess
## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks
mod_rewrite in use
RewriteEngine On
########## Begin - Rewrite rules to block out some common exploits
If you experience problems on your site block out the operations listed below
This attempts to block the most common type of exploit attempts to Joomla!
Block out any script trying to set a mosConfig value through the URL