Virtualhost one https site, the rest http

Posted by RJP1 on Server Fault See other posts from Server Fault or by RJP1
Published on 2013-06-27T19:25:50Z Indexed on 2013/06/28 10:23 UTC
Read the original article Hit count: 186

Filed under:
|
|
|

I have a linode server with Apache2 running a handful of sites with virtualhosting.

All sites work fine on port 80, but one site has a ssl certificate and also runs okay.

My problem is as follows:

The non-https sites, if visiting https://domain.com - show the contents of the only secure site...

Is there a way of disabling the *:443 match for these non-secure sites?

Thanks!

EDIT (more information):

Here's a typical config in sites-available for a normal insecure http site:

<VirtualHost *:80>
  ServerName  www.insecure.com
  ServerAlias insecure.com

  ...

</VirtualHost>

The secure https site is as follows:

<VirtualHost *:80>
   ServerName www.secure.com
   Redirect permanent / https://secure.com/
</VirtualHost>

<VirtualHost *:80>
   ServerName secure.com
   RedirectMatch permanent ^/(.*) https://secure.com/$1
</VirtualHost>

<VirtualHost *:443>
   SSLEngine on
   SSLProtocol all

   SSLCertificateChainFile ...
   SSLCertificateFile ...
   SSLCertificateKeyFile ...
   SSLCACertificateFile ...

   ServerName  secure.com
   ServerAlias secure.com

   ...

</VirtualHost>

So, visiting:

  • http:/insecure.com - works
  • http:/www.insecure.com - works
  • http:/secure.com - redirects to https:/secure.com - works
  • http:/www.secure.com - redirects to https:/secure.com - works
  • https:/insecure.com - shows https:/secure.com - WRONG!

© Server Fault or respective owner

Related posts about linux

Related posts about ssl