git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: dual port 80 443


Why not just use HSTS?

You want separate VirtualHost blocks anyway because you have to decide where your cert/chain/key files are going to be served so you don't send SSL traffic over port 80.  The SSL engine is enabled at the virtualhost block level.  HSTS is more professional too.

What I do with mine is just have 2 VirtualHost blocks in one file for that site and just have a separate conf file for each site in conf.d, then include conf.d/* in httpd.conf.

-C

On Fri, Oct 26, 2018 at 2:49 AM Edwardo Garcia <wdgarc88@xxxxxxxxx> wrote:
Hi,
We have only few domains to manage, usually either http or https, but we have lately had requests for both (we  know defeat purpose but customer knows what they want and they no take monetary or personal informations on website)

I know this works with duplication of virtualhosts, but should it also work with
<VirtualHost 1.2.3.4:80 [2001:1:1:1::1]:80 1.2.3.4:443 [2001:1:1:1::1]:443>
...
</VirtualHost>
To avoid duplicating?
nginx does not seem to have this limitation, so I'm surprised httpd2 does.

If I omit ports, it will errors on http  if ssl engine on.

or have I overlooked option?

Willy