Our features site is undergoing a refresh! Be sure to explore the revamped site and discover our latest product roadmap launching here on Monday, March 18th.
New Topic
cPanel & WHM Feature RequestsTopicSecurity
Properties
Category Security
Tags ssl redirect, redirection, redirects

Require SSL with option to redirect to SSL cert name or serverhostname)

Ivan Loh n Google shared this idea 11 years ago
Open Discussion

when the setting "Require SSL" is set to ON, the following redirection occurs

http://$domain:2082 -> https://$domain:2083/

http://$domain:2086 -> https://$domain:2087/

http://$domain:2095 -> https://$domain:2096/


However, if a valid SSL certificate is not installed a warning will be displayed, causing confusion. There should be an option to define where those redirect non SSL ports (2082, 2086, 2095) ports will redirect, in a cascading way. For example: to https://ssl_cert_name OR serverHostname:2083,2087,2096/


this is similar to "Always redirect to SSL" which only works for /cpanel /whm /webmail, and not for port numbers.

10 I like this idea 0  

Replies (2)

photo
1
benny@cpanel.net 8 years ago

In version 60 we've added SNI support to cPanel's services, which means that (as long as you have SSLs installed for all domains, which you can easily do with AutoSSL), this request could potentially be considered resolved. OP/voters/followers: would you all agree?

Reply
photo
1
Damien Gardner 8 years ago

I think that *if* there is an SSL certificate for $domain, then you could redirect to it. otherwise it would be useful to still have the option to redirect to the server's main hostname so there is no SSL error.

photo
1
benny@cpanel.net 8 years ago

That certainly makes sense. With AutoSSL there shouldn't really be a domain that doesn't have an SSL, though. I haven't yet found a compelling reason for someone to not use AutoSSL, but there's certainly an argument for being able to define where things redirect. I'll go ahead and leave this as incomplete, and we'll see if anyone else has anything to add!

photo
1
Monarobase 7 years ago

What about the period between the account creation and the autossl generation (up to 24 hours) ? During this time the user has a self signed cert, shouldn't the redirect go to the server host name until the domain has a valid cert ?

photo
1
benny@cpanel.net 7 years ago

That's definitely a window in which this cascading effect would be most effective, I agree.

photo
photo
1
Brandin Arsenault 4 years ago

This issue definitely still needs to be looked at, as it isn't resolved. We are unable to AutoSSL domains that aren't held in an account and that aren't the hostname, so SSL errors are produced on old hostnames if you update your hostname. The only possible solution that exists now is to just enforce hostname redirects but disable SSL redirects, which means you are allowing clients to sign in without SSL, which we would all prefer to avoid.

Reply
Leave a Comment
 
Attach a file

cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.