Non http redirect to another https domain ?

Sure I read about this some where. I will try and explain the issue

I have domains that are not using SSL http://example.com. if https://example.com is used on a site that has no SSL it puts up a “this site is not secure” in your browser.
If you ignore the not “recommended warning” and continue to the website it redirects you to a different domain name that’s using SSL??
Why does it do this and is there a way to stop it redirecting from one domain to another on the server.

Thank you for any help.

Hi,

This is expected behaviour, and is just the way Apache works.

The best way to fix it is to generate a free certificate for the domain in question with Let’s Encrypt (you may need to enable the LE plugin in NodeWorx). You could also use a self-signed certificate, but when LE is available, why bother!

InterWorx are working on a fix for this, and are also working to have SiteWorx automagically generate LE certificates for all domains too.

Hope this helps,

Jon

I remember now, Its to do with SNI. apache defaults to the next site that does have a SSL Cert.
Not shown up before but on one ip I have a mixture of non SSL and SSL sites.
Hope there’s a fix in the future
Thanks for your reply

Hello–

Unfortunately, this anything that we can fix, since it is an Apache level functionality, not an InterWorx level one. It’s just how Apache decided to handle allowing more than one domain on an IP address. There isn’t really much we can do to in that matter.

However, we are in the process of working on automatically creating SSL certs via Let’s Encrypt upon account creation, which will mitigate the issue, however, there is no ETA at this time.

this has nothing to do with my question, may be another spam poster ?

Hi Bear

Many thanks, and yes it was spammer…

It is hard as the spam link is not included on first post, but after a day or two, they edit the message and add spam link (in this case paymydoctor)

I take the view that a post which looks as though it may be genuine but I have suspicion of been a spam post, must remain until a link or spam added

Very annoying that they do this, but shows that IW is a good place

Many thanks and stay safe

John