Re: config is silently ignored

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 20 Apr 2021, at 06:59, Adrian <adrian@xxxxxxxxxxxxxx.INVALID> wrote:
> Daniel Ferradal <dferradal@xxxxxxxxxx> wrote:
>> <Virtualhost *:80>
>> ServerName whatever.example.com
>> Redirect / https://whatever.example.com/
>> CustomLog logs/whatevever.example.com.log common
>> </VirtualHost>

This is one more line that my port 80 configs have, I do not log connections to port 80.

> So if I redirect to the https version I can out all my per-directory
> config into the *:443 vhost entry?

Everything goes in the 443 VH, only the redirect and server name (and aliases, if any) need to be in the 80 VH.

> My worry is where that leaves some primitive browsers that don't
> support SSL.

It's 2021, not 2005.

> Can they not access the page at all?

Nope.

> Do they use the
> *:80 vhost entry and bypass any config that's in the *:443 one?

If you have a config in the 80 VH then it will use that, but the examples given and the right way to do this is to redirect ALL HTTP traffic to HTTPS.

> Or should I copy all config into both?

I would say no, you should not. There is no reason at all to use HTTP at this point, but that is my opinion. HTTPS is trivial to setup, can be used for free, and it simply makes everything better. Start by assuming security is the one lesson everyone should take from the last 40 years of the Internet.

If for some reason you want to support very old browsers on very old computers running very old OSes, then you would need to have a working config, complete, in your port 80 VH and NOT have a redirect.

-- 
'I really should talk to him, sir. He's had a near-death experience!'
	'We all do. It's called living.'


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx





[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux