I’m curious if it’s possible to use both (in the Virtualmin GUI, as opposed to editing Apache configuration files) of these features on the same hostname, it seems that if I turn the proxy website option on, even though in the gui it shows that the “Redirect all requests to SSL site” option is set to “Yes”, it stops redirecting from http to https for that domain, and if I try to go to the http version of a site, it lets me go there instead of redirecting to https.
What I’m using as a workaround is things like…
sub1.domain.tld = proxy to http://10.10.0.2:12345
sub2.domain.tld = redirect http and https to https://sub1.domain.tld
…and then I visit sub2.domain.tld in my browser, which redirects me to the https version of the proxied website.
Hopefully what I’m saying makes sense.
In other words, when I visit sub1, the hostname with both proxying turned on and redirect from http to https turned on, if I enter http://sub1.domain.tld in the address bar I am allowed to visit the http site, without being redirected to https, even though redirect from http to https is turned on.
I’m using sub2 as a “band-aid” because I want to end up on the https version of sub1, without needing to type https in the address bar, because I am not allowed to visit the http site of sub2 as I am immediately redirected to https if I attempt to enter http://sub2.domain.tld in the address bar
That seems bug-like. It should work, and the redirect should occur before the proxy rules in the Apache rules…it shouldn’t need any hoop-jumping. I thought it worked like that already; I feel like I’ve done this before. But maybe I set it up manually just because I’m more comfortable at the command line.
@Joe please test those kind of options also if some hsts and redirects are implemented in the configs.
The www, non www, https and non https, the right order is important there some cp’s do this wrong!
Example’s wrong are:
www.tst1.mydomain to https.nonwww.tst2.mydomain
www.tst1.mydomain to https.nonwww.tst1.mydomain
Should be first redirect to the nonwww from the http:nonwww.tst1.mydomain then to https
And i don’t know the order if to other subdomain redirect or proxy , could be even possible you can’t use hsts for the .tst1.mydomain itself if it should resolv under tst2.mydomain ?
Remember because of HSTS is partly in browsers handled the “redirect” to https after first visits. So if tst1.mydomain has value of HSTS for 365 day’s from a visit before where this was set, and later changed…
OK, thanks @Joe, if you need logs or configuration files or anything from me I’d be happy help, and it’s not something impacting “production work” for me, it was just a curiosity, and using two subdomains is “fine”.
I’ve done this in the CLI also, but I’m trying to move everything into Virtualmin, and just use it’s GUI, because it’s been fantastic and convenient compared to managing certbot requests and reverse proxy configurations manually the past several years.