Hi all A have acquired a new client that is a security type company. Unbeknownst to me they have started scanning and probing my servers. They have found that when they type :443 at the end of their domain name if lists the following http://***.com:443/manual ***.com/phpmyadmin http://***.com/apps/ http://***.com:443/html/ server default page shows up http://***.com:443/webalizer/ This is an ubuntu 14.04 server with the latest patches installed. I check it daily. I have one SSL certificate installed on the machine on a seperate IP address. I have no SSL certs installed on the main server ip. I have about 35 other sites on this server with all sharing the same ip. I am pretty sure that I have just missed something in the setup, but am not sure. I have searched on the internet for using Apache redirects to point them away from SSL, but there doesn't seem to be the standard entry on this site's virtual host record (/etc/apache2/sites-available/***.com-vhost Thoughts? Alex
Probably you dont have a default ssl vhost. run: a2ensite default-ssl to enable the default vhost for ssl in ubuntu and then restart apache.