(SOLVED) Enabling SSL redirects to the first website using SSL Debian 6 Squeeze - ISPConfig 3 - Postfix, Dovecot, Apache2, Bind, Horde 5 G'day guys, I have multiple websites hosted on this VPS. Now I have never had an issue due to nobody ever wanted SSL access on their website. They do now. For example I have the following: example.com example.com.au http://example.com goes to the right folder https://example.com goes to the same http://example.com.au goes to a different but right folder https://example.com.au goes to https://example.com Now I'm sure that its something to do with mod_rewrite but where I don't even know where to start looking. Any help is GREATLY appreciated
The ssl protocol is IP based, so if you share the IP address of a sll site with other non ssl sites, all requests to thes other sites were redirected to the ssl site. So this is normal and not a issue with mod_rewrite. There are two options: 1) Use a dedicated (different) IP address for the ssl site. b) Add rewrite rules to the ssl vhost that redirect all https requests that are not for the sl site to the http version of the domain were the requests are for. I dont have a redirect code for this at hand, but I guess you should be able to find one with google or maybe someone else has one already and can post it here.
Thanks for the response Till, So with anyone who hosts on a VPS they need to purchase an external IP for each domain that uses SSL? As for the rewrite would have to be added to the default website? In ISPConfig? What is the best practice here? Purchase separate IP's?
Yes, thats part of the "standard" ssl specification, so its not specific to ispconfig. ISPCOnfig supports also SSL with SNI which is basically a shared ssl for namebased vhosts, but sni works only with latest web browsers, especially older Internet Exploerer versions cause problems. To prevent the above if you would use sbi would require to add a default ssl host similar to the default vhost for http. It has to be added in the website which has ssl enabled. The easiest and cleanest solution wold be to purchase a separate IP address for the ssl site. But the other approach with the rewrite rules might work as well for you, I guess it mostly depends on the prices for IP addresses that you get charged.
Yes, thats part of the "standard" ssl specification, so its not specific to ispconfig. ISPConfig supports also SSL with SNI which is basically a shared ssl for namebased vhosts, but sni works only with latest web browsers, especially older Internet Exploerer versions cause problems. To prevent the above if you would use sni would require to add a default ssl host similar to the default vhost for http. It has to be added in the website which has ssl enabled. The easiest and cleanest solution wold be to purchase a separate IP address for the ssl site. But the other approach with the rewrite rules might work as well for you, I guess it mostly depends on the prices for IP addresses that you get charged.
