https deny

Alles, was den Apache betrifft, kann hier besprochen werden.

https deny

Postby clawwd » 13. September 2019 02:17

Hiya,

I have two websites I am hosting. The one that has an SSL certificate a phpbb board meme board that is pretty vulgar because there are no rules on posts or content. The other is a simple CLEAN WordPress site.

If you use https, regardless of the FQDN, it immediately forwards to the phpbb board, which obviously I don't want to happen.

Is there a way to block https for the WordPress site or redirect any https requests for the WordPress site back to the http version of it while still keeping the https requests for the phpbb board intact.

Hopefully this isn't very confusing.

Thanks in advance
clawwd
 
Posts: 5
Joined: 11. September 2019 13:54
XAMPP version: 3.2.4
Operating System: Windows Server 2016

Re: https deny

Postby Nobbie » 13. September 2019 13:49

clawwd wrote:If you use https, regardless of the FQDN, it immediately forwards to the phpbb board, which obviously I don't want to happen.

Is there a way to block https for the WordPress site or redirect any https requests for the WordPress site back to the http version of it while still keeping the https requests for the phpbb board intact.


Its all a matter of your configuration, why does your site forward to the phpbb in any case. I think, that you configured it to do so?! Of course you might redirect once more if the original request was going for the WordPress site, but it would be clearly better not to redirect anyway if WordPress is requested.

How did you establish the redirect to phpbb? If you used Rewrite Module, simply add an RewriteCond for HTTP_HOST equals to the phpbb site (in order not to forward to phpbb in case of WordPress).
Nobbie
 
Posts: 11153
Joined: 09. March 2008 13:04

Re: https deny

Postby clawwd » 13. September 2019 17:26

Hi,

Thanks for the reply.

I don't have any redirects setup. This was more of an out of the box XAMPP setup so I may have missed a default option that is doing this and don't know it's there.

I believe you responded to my other post about me having two separate domains each bound to it's own public IP (TY BTW). I haven't had a chance to configure your suggestions but it may possibly fix this issue too?

I wonder if it's my host file. With the two sites and IPs should the host file reference these individually somehow?
clawwd
 
Posts: 5
Joined: 11. September 2019 13:54
XAMPP version: 3.2.4
Operating System: Windows Server 2016

Re: https deny

Postby Nobbie » 13. September 2019 19:11

clawwd wrote:This was more of an out of the box XAMPP setup ?


No, clearly NO. Xampp does not install WordPress, neither phpbb, neither does any forwarding.
Nobbie
 
Posts: 11153
Joined: 09. March 2008 13:04

Re: https deny

Postby Nobbie » 13. September 2019 19:15

clawwd wrote:I haven't had a chance to configure your suggestions but it may possibly fix this issue too?


Maybe, I dont know. This is way to few information.

clawwd wrote:I wonder if it's my host file. With the two sites and IPs should the host file reference these individually somehow?


Yes and no. The host file assigns IPs to Domains locally. Not more. It does not configure VirtualHosts, neither it does any forwarding.

Unfortunately, you do not provide much information, its quite impossible to fix your problems with that small amount of information. Actually, i have no idea what you are doing.
Nobbie
 
Posts: 11153
Joined: 09. March 2008 13:04

Re: https deny

Postby clawwd » 13. September 2019 20:38

Hi,
I really appreciate your help and forgive me if I am unclear but I am hoping this will help.

Due to the Domain name of one of the sites, I do not want to post it on the forums so I am going to call them:
myphpbbvulgarsite.com
mywordpresssite.com

I have a VM with two virtual interfaces, both of which have an indivual Public IP directly assigned to the virtual interface.

My VM isnt hosted by a hosting provider. Its my VM with Win Server 2016 and the latest version of Xampp which is how I am providing the sites.

Each webiste has a seperate mysql database. one is named "myphpbbvulgarsite.com" and the other "mywordpresssite.com"

The following DNS entries exist. Each domain name points to ONE of the Public IPs on the virtual interface.

I will use dummy public IPs below:

myphpbbvulgarsite.com resolves to 66.123.123.123 (virtual interface 1)
This is the PHPBB forum with the SSL certificate installed

mywordpresssite.com resolves to 67.124.124.124 (virtual interface 2)
This is the Wordpress site I am working on getting up and running.
This does NOT have an SSL certificate

Everything seems to be functioning fine with http://mywordpresssite.com http://www.mywordpresssite.com The issue is that if you accidentally to https://mywordpresssite.com it goes to the myphpbbvulgarsite.com website.

With that domain name being what it is, I obviously dont want kids, general users, browsers caching files, etc. happening on the Wordpress site just because a user accidentally typed https by mistake.

That is where my question comes in. I am hoping there is some way of keeping https traffic from hitting the Wordpress domain name at all or at least someway of redirecting https to the http version of the WordPress site.

I did put the below config, which I found on another post, in the httpd-vhosts file but it did nothing.

Also the file location referenced in the SSLCertificateFile and SSLCertificateKeyFile lines does not exist nor does the .pem and .key file it references.


<VirtualHost *:443>
ServerName mywordpresssite.com
RewriteEngine on
RewriteCond %{HTTP_HOST} ^mywordpresssite.com
RewriteRule ^/(.*)$ http://mywordpresssite.com/$1 [L,R=301]
DocumentRoot "C:/xampp/htdocs/mywordpresssite.com"
SSLEngine on
SSLCertificateFile /etc/ssl/certs/xxx.pem
SSLCertificateKeyFile /etc/ssl/xxx.key
</VirtualHost>


My local host file is completely commented out (not sure why but the sites seem to be working aside from this issue)
# 127.0.0.1 localhost
# ::1 localhost

Hopefully this makes sense and thanks for your help!
clawwd
 
Posts: 5
Joined: 11. September 2019 13:54
XAMPP version: 3.2.4
Operating System: Windows Server 2016

Re: https deny

Postby Nobbie » 13. September 2019 21:25

clawwd wrote:The issue is that if you accidentally to https://mywordpresssite.com it goes to the myphpbbvulgarsite.com website.


And why?

I cannot see any hint why this happens. Xampp does not redirect anything per default. You definately must have done "anything" which causes the redirect. As long as you cannot answer that question, i cannot help any further. Thats crucial.
Nobbie
 
Posts: 11153
Joined: 09. March 2008 13:04

Re: https deny

Postby clawwd » 14. September 2019 03:34

I just don't know my friend. I have been verifying the http and www version of these up until yesterday or so when I actually fat fingered the address as https. Is there a file output or something that will help you? If not, I really appreciate your help today and I will keep digging
clawwd
 
Posts: 5
Joined: 11. September 2019 13:54
XAMPP version: 3.2.4
Operating System: Windows Server 2016


Return to Apache

Who is online

Users browsing this forum: No registered users and 6 guests