SYSTEM INFORMATION | |
---|---|
OS type and version | Ubuntu 20.04.4 LTS x64 |
Webmin version | 1.994 |
Virtualmin version | 7.1 |
Related packages | Nginx Website 2.23, Nginx SSL Website 1.17 |
Howdy,
Is there a way to instruct Virtualmin to create Nginx virtual hosts that only listen on port 443? Right now this does not seem possible, as if you attempt to create a virtual server and enable the “Nginx SSL Website” feature without enabling the “Nginx Website” feature, an error message pops up saying that an SSL Website cannot be enabled unless a regular one is also enabled.
However, I want all traffic received on port 80 to be redirected to port 443 by default so that SSL is forced across the board on our Nginx server, so I’ve set up a single virtual host block in my /etc/nginx/nginx.conf file that is designed to capture any traffic coming to port 80, regardless of the domain for which that traffic is destined, and perform an HTTP 301 permanent redirect to port 443.
Thus, I only want this single virtual host block to listen on port 80, with everything else, all my real virtual servers, listening only on port 443. As it stands now, whenever I create a new virtual server, I have to manually go in and edit its specific configuration file to remove the listener for port 80 so that, at all times, the only thing listening on port 80 is my custom redirect virtual host.
is there a specific reason why Virtualmin forces a virtual host to listen on both ports 80 and 443, rather than only 443? I would suspect that in today’s age of free SSL certificates (offered by Let’s Encrypt) and Web browsers that ding you if your site is not using HTTPS, Virtualmin would no longer want to actively support or encourage use of port 80 anymore.
I realize that Virtualmin does have the ability to create a per-virtual-host redirect from port 80 to 443, while still having the virtual host listen on port 80, but this is not what I want as I do this centrally now via one virtual host block in the Nginx configuration file, as stated previously, so as to prevent duplicate configuration settings.
Thanks for any insight/assistance provided on this