SSL from Let's


(Ilouie) #1

Guys, I installed an SSL from Let’s and it went smoothly, however, my issue is that when I call the domain without the HTTPS, all the browsers show it as unsecured. Is there something else I’d need to install to be secured?.. TY


(Yehor Smoliakov) #2

Yes, an option to solve your issue is to redirect HTTP traffic to HTTPS:

It’s a part of NGINX config:

server {
    listen 80 default_server;
    server_name _; # you can have another domain name here 
    return 301 https://$host$request_uri;
}

(Ilouie) #3

Thank you. How would that work with Apache?.. Do I need to install NGINX?.


(Yehor Smoliakov) #4

The above code won’t work with Apache, because it’s a different web server.

The method for Apache is the same, just a bit different configuration:

<VirtualHost *:80> 
  ServerName example.com
  ServerAlias www.example.com

  Redirect permanent / https://example.com/
</VirtualHost>

Also, Apache has ability to configure itself using an .htaccess file, so you can redirect HTTP traffic to HTTPS using the following code (this method requires you to have enabled mod_rewrite module in Apache):

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://example.com/$1 [L,R=301]

#5

Assuming you are using the distro, don’t mess with apache config files unless you understand how sysadmin configures apache. Manually manipulating apache config can be done, but the odds of conflicting with the distro does are high.

Unfortunately I don’t think the distro does any sort of automatic http->https redirect. There were some tickets open for it, but were closed without any clear comments on what/why the final decision was.

To disable port 80 admin access go to sysadmin->port management, disable http Admin access and enable the LetsEncrypt service to allow certificate updates.

You’ll have to manually specify https in your URL, but unencrypted access will be denied.


(Ilouie) #6

TY. Unless I install Desktop in Centos 7, I can’t get to the files. It’d have to be done through the Terminal or the GUI…


(Ilouie) #7

@jerrm, unfortunately Port 80 in sysadmin is not editing…


#8

More details needed to be of any help. What exactly is sysadmin doing? Post a screenshot.


(Ilouie) #9


Admin will not edit. Let’s on the bottom will not edit.


(Ilouie) #10

Anyone else???


(Lorne Gaetz) #11

Confirm there are no pending System Updates.


(Ilouie) #12

None…


(system) closed #13

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.