ServerDefaultPage SSL Support

    Hello,


    https:// noexistentsub ==> X, where X is an existent customer site, is the expected behavior without the ServerDefaultPage plugin. Now if you get the same behavior with the serverDefaultPage plugin, there is a problem ;)

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support

    Hi,


    @Ninos when you are online, please let me know so i send you the TV-data that you can show.


    @Nuxwin is it the expected behavior that https://noexistentsub.domainA.tld OR https:// noexistentsub.domainB.tld (different customer) OR https:// noexistentsub.domainC.tld (different customer) end up at the last added customer?


    Yes with ServerDefaultPage i have the same behavior as without it, but all is in standart configuration in jessie , imscp and plugins.


    Thanks

    Sry for my bad english :)

    @AlpineSwiss


    Yes, this is the default Apache behavior. When a host is not found, Apache serves the primary vhost (the first vhost found (loaded first)). The ServerDefaultPage plugin normally define two default vhosts, one for http and one for https, by configuring them in such way that they are always loaded first.


    Question:


    Do you have enabled SSL for the i-MSCP panel during setup? Please give us the result of the following command:


    Code
    1. # cat /etc/imscp/imscp.conf | grep SSL_ENABLED


    @Ninos


    I see like a bug in the DefaultServerPage plugin. According https://github.com/i-MSCP/plug…ServerDefaultPage.pm#L123 you create the default vhost file for SSL only if SSL is enabled for the panel. The problem is that SSL for the panel (which is run via nginx) has nothing to do with SSL for customer's sites... The customer sites can have SSL enabled even if SSL is disabled for the panel. You should not rely on the PANEL_SSL_ENABLED parameter. This is surely the problem... We shoud talk about a way to solve that. The first idea would be to generate a dedicated SSL certificate for the default SSL vhost but the problem is that the certificate will not match the unknown hosts. An alternative would be to redirect from default SSL vhost to no-SSL default vhost. At least there should be an option for either, use a self-signed certificate (or one provided certificate through plugin configuration settings), or redirect on the default no-SSL vhost.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support

    @Nuxwin


    Thanks for your reply.


    Here is the output of your command:


    Code
    1. PANEL_SSL_ENABLED = no
    2. SERVICES_SSL_ENABLED = yes

    So the SSL for the Panel is not enabled during installation.


    Addition:
    Yes i see now that there is maybe a bug in the ServerDefaultPage.pm the vHosts don't get created on my system because PANEL_SSL_ENABLED = no

    Sry for my bad english :)

    Edited 2 times, last by AlpineSwiss ().

    @AlpineSwiss


    Thanks. Read my previous answer to understand why default vhost doesn't work with SSL. For now, You could simply enable SSL for the panel with a self-signed certificate and reinstall the ServerDefaultPage plugin once done.


    You can enable SSL for the panel by running the following command and by answering the questions:


    Code
    1. # perl imscp-autoinstall -dasr panel_ssl


    @Ninos


    According the @AlpineSwiss answer, I can say that the problem comes from the ServerDefaultPage plugin that don't create the default SSL vhost when SSL is disabled for the panel.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support

    @Nuxwin yes now i understand the behavior why this occurs.


    The solution is now to activate SSL for the panel (but because i dont really need it, I will wait a fix for ServerDefaultPage) :D


    Thanks guys.


    EDIT: @Nuxwin Ok i have see your edit, I will give them a try later.


    Other question, it is possible/allowed to insert some custom php-files (script) into the default-folder of the ServerDefaultPage ?

    Sry for my bad english :)

    @AlpineSwiss


    No, sorry. at this moment, there is not PHP handler set for the default vhost. That could be a feature request ;)

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support

    @Nuxwin


    Ok no problem, i think a static HTML file will done the same job because its only an information page not more :D


    Addition:
    Because i don't really need SSL for panel and services maybe i will wait a fix that will perhaps timely released. (but maybe i will give it a try later)


    Thanks :)

    Sry for my bad english :)

    Thanks guys,


    is it not enought to check if SERVICES_SSL_ENABLED is enabled?


    PHP
    1. if($main::imscpConfig{'SERVICES_SSL_ENABLED'} eq 'yes') {
    4. // Generate the config
    7. }

    Sry for my bad english :)