Require SSL with option to redirect to SSL cert name or serverhostname)

Ivan Loh n Google shared this idea 4 years ago
Open Discussion

when the setting "Require SSL" is set to ON, the following redirection occurs

http://$domain:2082 -> https://$domain:2083/

http://$domain:2086 -> https://$domain:2087/

http://$domain:2095 -> https://$domain:2096/

However, if a valid SSL certificate is not installed a warning will be displayed, causing confusion. There should be an option to define where those redirect non SSL ports (2082, 2086, 2095) ports will redirect, in a cascading way. For example: to https://ssl_cert_name OR serverHostname:2083,2087,2096/

this is similar to "Always redirect to SSL" which only works for /cpanel /whm /webmail, and not for port numbers.

Comments (5)

photo
1

In version 60 we've added SNI support to cPanel's services, which means that (as long as you have SSLs installed for all domains, which you can easily do with AutoSSL), this request could potentially be considered resolved. OP/voters/followers: would you all agree?

photo
1

I think that *if* there is an SSL certificate for $domain, then you could redirect to it. otherwise it would be useful to still have the option to redirect to the server's main hostname so there is no SSL error.

photo
1

That certainly makes sense. With AutoSSL there shouldn't really be a domain that doesn't have an SSL, though. I haven't yet found a compelling reason for someone to not use AutoSSL, but there's certainly an argument for being able to define where things redirect. I'll go ahead and leave this as incomplete, and we'll see if anyone else has anything to add!

photo
1

What about the period between the account creation and the autossl generation (up to 24 hours) ? During this time the user has a self signed cert, shouldn't the redirect go to the server host name until the domain has a valid cert ?

photo
1

That's definitely a window in which this cascading effect would be most effective, I agree.

photo