• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Completely Disable SSL

Tuğrul Yusuf Tahmaz

Tuğrul Yusuf Tahmaz

New Pleskian
Hello, this is my first post.

When I started to use Plesk on my VDS, Google indexed my some pages as https which is I don't want. When I disable SSL from panel I see certificate warning. I only need refuse https connections if user request.

I know tons of site like this. If you try to access https://plesk.xxx for example, it has to say page not found. This is what I need to do.

I read tons of things about .htaccess rules. But still can't find the solution. I don't want to google index my pages with https anymore. I don't have valid https certificate and I don't want to buy...

Thanks for help.
 
It is strongly discouraged to disable SSL. Google had published information before that it will rank SSL pages higher than non-SSL pages. Its intention is to drive people to using SSL only some day.

If you still want to control the response on SSL yourself, e.g. direct to a non-SSL page, when SSL was requested, you could add these lines to the beginning of your .htaccess file:

Code: 
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [L]

If instead you do not want to return any output at all, but a 404 not found error:

Code: 
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [L]
RewriteRule ^ - [L,R=404]

Again, this is the wrong approach. It is much better to install an SSL certificate (e.g. a free Let's Encrypt certificate), then set your pages to appropriately deliver SSL conent (e.g. by changing all the references in your website from http:// to https:// URLs).
 
Hi Peter Debik,

At first thank you very much for your quick reply. I made your first solution which is redirecting https to http. When user click indexed https url's, it is redirecting to http. It is ok.

But the question is, although I did that, is Google going to index my https pages again? is that possible? When spiders come back again they will fix url's as http instead of https next time?

Note: Also I've added "<link rel="canonical" href="http://www.mysite.try/">" code to my header.php
 
Google will likely prefer the SSL version over the non-SSL version for its index. I am not sure whether it recognizes that the non-URL version ought to be used. Maybe you should add a 301 code to the response like this:

Code: 
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

This indicateds "Moved permanently", so that a spider should update their index accordingly. I am not sure whether the solution does not already send a 301 by default (have not tested that). After all, Google will do whatever it thinks it wants to do.[/code]
 
Hello Peter

I have News page installed on my VPS, and i have installed let's encrypt automaticlly, but on this portal for news i dont need ssl and https, when i disable the ssl i get red https and i have some notification from the chrome i dont like that because i need to install new adserver to be configured to work on https but i dont need that on news portal. Help

Peter Debik said:
It is strongly discouraged to disable SSL. Google had published information before that it will rank SSL pages higher than non-SSL pages. Its intention is to drive people to using SSL only some day.

If you still want to control the response on SSL yourself, e.g. direct to a non-SSL page, when SSL was requested, you could add these lines to the beginning of your .htaccess file:

Code: 
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [L]

If instead you do not want to return any output at all, but a 404 not found error:

Code: 
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [L]
RewriteRule ^ - [L,R=404]

Again, this is the wrong approach. It is much better to install an SSL certificate (e.g. a free Let's Encrypt certificate), then set your pages to appropriately deliver SSL conent (e.g. by changing all the references in your website from http:// to https:// URLs).
Click to expand...
 
Peter Debik said:
Help with what exactly?
Click to expand...

I have problem, when i create new Webhosting account and new domain by default that domain get https access, but that is Portal for news and i dont need https, i was trying to disable but when i disable my page will disappiar and i got default webpage with the logo of the plesk and informations how to connect on the panel. Can you help me?
 
So you are trying to open your URL by http:// and see the default webpage instead? Or does that happen when you try to open it by https://?
 
Peter Debik said:
So you are trying to open your URL by http:// and see the default webpage instead? Or does that happen when you try to open it by https://?
Click to expand...
Hello Peter when i create some domain by default is creating with https and when i like to change to http and try to open the page sometimes is opening to Http with default page from Ples or is transfering to red https, i like to disable that.
 
I think this is too "fuzzy" for me to assist you. Maybe someone else understands what exactly is configured and what the result is. From your description I cannot understand what is happening. It reads as if you have set a permanent redirect to https://, but then again you are saying that "sometimes" it is opening in http://, then again redirecting to https://. It does not make any sense to me, sorry, I cannot help with this.
 
Peter, maybe im confusing but i will make screan shots so you can understand what im talking.
upload_2018-9-7_7-25-1.png
on this picture you can see i dont have enabled a ssl for my webpage, but when i try to open my page i getting this see on the picture
upload_2018-9-7_7-28-32.png

now i will enable ssl and you can see the page.

upload_2018-9-7_7-32-8.png

upload_2018-9-7_7-30-9.png

and again because i didn't active the ssl for the page just for mail i i got the message Not Secure, please can you help me?

Thanks
 

Attachments

  • upload_2018-9-7_7-27-32.png
    upload_2018-9-7_7-27-32.png
    74.4 KB · Views: 4
The symptom is a very unusual behavior, it is not the Plesk default behavior.
- Are you sure that after the configuration change the web server was restarted to reload the new configuration?
- Are you using the typical Nginx/Apache combination or did you apply any custom changes to Nginx or Apache, e.g. enabled or disabled some caching, entered additional rules in the webhosting configuration files?
- Did you do any changes to .htaccess or the virtual host templates for domains on your system?
- What is the content of
/var/www/vhosts/system/<your domain>/conf/httpd.conf
/var/www/vhosts/system/<your domain>/conf/nginx.conf
when the error occurs?
 
Peter Debik said:
The symptom is a very unusual behavior, it is not the Plesk default behavior.
- Are you sure that after the configuration change the web server was restarted to reload the new configuration?
- Are you using the typical Nginx/Apache combination or did you apply any custom changes to Nginx or Apache, e.g. enabled or disabled some caching, entered additional rules in the webhosting configuration files?
- Did you do any changes to .htaccess or the virtual host templates for domains on your system?
- What is the content of
/var/www/vhosts/system/<your domain>/conf/httpd.conf
/var/www/vhosts/system/<your domain>/conf/nginx.conf
when the error occurs?
Click to expand...

Hello Peter, this problem come out when i install Let's Encrypt plugin for free SSL because i have one e-commerce page on my server. Now when i create new domain coming with ssl, i dont know why i didn't set ssl.
 
You must log in or register to reply here.

Similar threads

P
Resolved SSL issue for some visitors, but not all
Replies
2
Views
290
pieterpost
P
brother4
Question Best way to block direct PHP file access and ensure .htaccess rules are always applied with Nginx as a reverse proxy?
Replies
1
Views
417
brother4
brother4
A
Resolved sslit error getScheme() must be compatible with...
2
Replies
21
Views
2K
Janko Falli
Janko Falli
J
Resolved ERROR: Declaration of PleskSslIt\GuzzleHttp\Psr7\Uri::getScheme() must be compatible with Psr\Http\Message\UriInterface::getScheme(): string (Uri.php:
Replies
4
Views
1K
AYamshanov
AYamshanov
O
Question Where in Plesk can I configure 301 redirect for non-existing subdomains?
Replies
2
Views
517
olegos76
O
Back
Top