We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Strange behaviour on https
Strange behaviour on https
Hello!
Ok so i have a problem on my VESTACP setup. Im using Apache as frontend and Nginx as backend server.
And i have a mix of multiple domains and packages. Some have ssl active and some not.
Now when i use https and http at an SSL-Enabled domain it works like it should.
But if i use https in front of an SSL-Disabled domain, the adress falls back to the very first domain i added (master)
So if i enter f.e https://www.mycustomer.com , it will forward to https://www.myhostingcompany.com
Of course all domains are on the same IP and myhostingcompany.com is kinda the "root website".
Any ideas please?!
Ok so i have a problem on my VESTACP setup. Im using Apache as frontend and Nginx as backend server.
And i have a mix of multiple domains and packages. Some have ssl active and some not.
Now when i use https and http at an SSL-Enabled domain it works like it should.
But if i use https in front of an SSL-Disabled domain, the adress falls back to the very first domain i added (master)
So if i enter f.e https://www.mycustomer.com , it will forward to https://www.myhostingcompany.com
Of course all domains are on the same IP and myhostingcompany.com is kinda the "root website".
Any ideas please?!
Re: Strange behaviour on https
https://www.myhostingcompany.com is the first include (or one of the first includes) above everyone else in your Apache/nginx file, that's why it's loading that first - and because you have a redirect from X -> https://www.myhostingcompany.com that's what's happening.
To fix, you need to enable SSL on the SSL-Disabled domain name and then SSL will return invalid.
To fix, you need to enable SSL on the SSL-Disabled domain name and then SSL will return invalid.
Re: Strange behaviour on https
Thanks for your replie!
But from what i understand, you are saying that its a normal behaviour that i get this SSL error (translated):
The Hostname does not match this Websites name "DLG_FLAGS_SEC_CERT_CN_INVALID"
Because i thought that in this case there would be just a kind of "connection aborted" error when trying to reach something which is disabled, instead of throwing that SSl error and then go to the root site if one clicks "continue anyway"
I can't do that, because the SSL part can't be empty in VESTA, or it will return an error.To fix, you need to enable SSL on the SSL-Disabled domain name and then SSL will return invalid.
But from what i understand, you are saying that its a normal behaviour that i get this SSL error (translated):
The Hostname does not match this Websites name "DLG_FLAGS_SEC_CERT_CN_INVALID"
Because i thought that in this case there would be just a kind of "connection aborted" error when trying to reach something which is disabled, instead of throwing that SSl error and then go to the root site if one clicks "continue anyway"
Re: Strange behaviour on https
You could generate a Let's Encrypt SSL certificate for that website and leave it at that?
SSL is highly advised now. Chrome is reporting websites that don't have it as insecure if they contain a login form. I imagine in a few months, Chrome will notify the user that the website is insecure even if it doesn't have that form on. Google wants all websites to run on HTTPS now.
SSL is highly advised now. Chrome is reporting websites that don't have it as insecure if they contain a login form. I imagine in a few months, Chrome will notify the user that the website is insecure even if it doesn't have that form on. Google wants all websites to run on HTTPS now.