Hi Guys! We are running a ISPConfig3 instance with around 300 Websites/Hosting Spaces. A lot of these are just for redirecting to other sites which works fine. Some of our sites use LetsEnrcrypt for encryption others, in most cases the redirecting ones, dont use SSL at all. The problem in this case is if a user browses a website where SSL is not enabled and uses https:// a certifikate of another website gets displayed with a error message. I assume this happens because apache looks for a valid 443 entrie and uses the first one it can find. Is there a way to stop this behaviour other than enabling SSL for every site? Maybe any redirect to :80 even if the user typed https:// for sites without SSL enabled? Thnak you in advance!
There are not many options, either enable ssl for all sites, or use a different IP address for SSL sites and one for sites without SSL. The issue behind that is apache and nginx both redirect access to a site that does not listen on the desired port (in this case 443 for https) to the first site they find instead.
Thank you for the quick answer! The solution with another IP adresse sounds great. I can just add another web-server and use that one for non-SSL only. Cheers!
If you have another web-server, this is probably the best solution. However, in principle you do not need that. If your server has 2 IP addresses (no problem for IPv6, might cost extra for IPv4), your web-server (apache/nginx) can listen on both and you can set the websites to listen to their specific IP. For sure, you have to make sure to keep track of the correct dns settings, too.
