Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
I
ISPConfig 3
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 489
    • Issues 489
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 25
    • Merge Requests 25
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • ISPConfig
  • ISPConfig 3
  • Issues
  • #5143

Closed
Open
Opened Oct 02, 2018 by Viktor@Taran

sites without https give someone else's content.

If at least one site creates https keys, then all other sites that do not have https begin to give https content to the site where the keys are registered. HTTP connection is different from HTTPS since HTTP referer is sent after connection. Wherein HTTP referer is not readable, but by taking the nearest keys, it is the nearest! Those that will be closer alphabetically!

correct behaviour

Create at least 1 sites with https

environment in any versions of ispconfig!

proposed fix

ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/1.conf

Partial solution of the problem, put the first 1.conf file, since it goes first and when there are no keys, it comes across first, you understand this crooked solution.

The right decision is to create https keys for each site by default, and if the parela is disabled, https then document root "/var/www/html/ssl" if SSL is enabled, then change document roots to real. There is no other way! In any case, the site will be accessible via https!

Or refuse to listen *: 443 obsalyutno in all files, and do dynamic or ports or IP but this is even less preferred option. v

Edited Oct 02, 2018 by Till Brehm
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: ispconfig/ispconfig3#5143