Hello, I have a couple of sites hosted on my ISPConfig 3 server and the majority of them use the LetsEncrypt SSL-certificates. They all force SSL usage with the following Apache-directive (individually per site): Code: RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] Works flawlessly with sites that has the LetsEncrypt certificate. However.. For the sites that does not have any certificates and no RewriteRules, if I input https://domain.com for that non SSL activated site, I'm redirected to ANOTHER webpage on my server (seems to redirect to the first SSL activated page in alphabetical order(not confirmed)). Is this the expected behavior? If not, how can I prevent this from happening? It's somewhat embarrasing towards some customers sometimes when this happens And yes, for the most part I could activate SSL on all the sites but I want to understand what is happening under the hood and why. Scenario: https://encryption-DISABLED-site.com --Redirects--> https://another-encryption-ENABLED-site.com I'd gladly share more information, just let me know what you need from me.
If calling a website that has no ssl active the first website with ssl active will always be shown. This cannot be changed. What you can do is creating a default website with ssl active that either redirects to non-ssl or shows a "no ssl available page". You have to make it load first by naming the vhost file something like 000-alwaysnossl.conf (because apache loads them in alphabetical order).
Hi again! Just came around to try this out now but I can't figure out how to and where to put the file. sites-available or enabled? If it's no to much to ask, could you provide the content for this file? Regards, Adde
You can e.g. create that site in ispconfig, then enable ssl for that site, then uncheck the "active" checkbox in the site settings and finally create a symlink in the sites-enabled folder pointing to the vhost file which you find in the sites-enabled folder, then restart apache.
