Forcing HTTPS results in to many redirects

[Daniël1234]

Hello all,

I've been fiddling with Plesk to get HTTPS to work for http://glasvezeldewolden.nl/
Unfortunately I haven't had any successes at forcing HTTPS, all result in a 'to many redirects' message.

The certificate is already activated and can be verified trough; https://www.ssllabs.com/ssltest/analyze.html?d=glasvezeldewolden.nl

I've been unable able to find any obvious cause for this, or obvious in the way i could find another lead to fixing it.
Neither have i been able to find anything related on either Google or the help pages of Plesk that helped me troubleshoot this issue so i hope anyone is willing to help me trough.

If you need any other/further information, please let me know.

proxy_error_log:2015/05/16 16:35:00 [crit] 21266#0: *2336 SSL_do_handshake() failed (SSL: error:140A1175:SSL routines:SSL_BYTES_TO_CIPHER_LIST:inappropriate fallback) while SSL handshaking, client: 64.41.200.106, server: 151.80.117.38:443
proxy_error_log:2015/05/16 16:36:37 [crit] 21266#0: *2616 SSL_do_handshake() failed (SSL: error:14094085:SSL routines:SSL3_READ_BYTES:ccs received early) while SSL handshaking, client: 64.41.200.106, server: 151.80.117.38:443
proxy_error_log:2015/05/16 16:36:37 [crit] 21266#0: *2617 SSL_do_handshake() failed (SSL: error:14094085:SSL routines:SSL3_READ_BYTES:ccs received early) while SSL handshaking, client: 64.41.200.106, server: 151.80.117.38:443

proxy_access_ssl_log:64.41.200.106 - - [16/May/2015:16:34:54 +0200] "GET /?SSL_Labs_Renegotiation_Test=User_Agent_May_Not_Show HTTP/1.0" 400 0 "-" "SSL Labs (https://www.ssllabs.com/about/assessment.html)"
proxy_access_ssl_log:64.41.200.106 - - [16/May/2015:16:34:55 +0200] "GET /?SSL_Labs_Renegotiation_Test=User_Agent_May_Not_Show HTTP/1.0" 400 0 "-" "SSL Labs (https://www.ssllabs.com/about/assessment.html)"

 

[Lloyd_mcse]

Hi Daniël1234,
you haven't said how you have implemented "forcing HTTPS", but have you tried...

Plesk -> Domains -> glasvezeldewolden.nl -> Websites & Domains -> Web Server Settings -> Additional directives for HTTP

and add the standard Apache redirect

Redirect 301 / https://glasvezeldewolden.nl/

I hope it helps
Kind regards

Lloyd

 

[Daniël1234]

Hello Lloyd_mcse,

Thanks for your reply, though I have tried:

Unfortunately I haven't had any successes at forcing HTTPS, all result in a 'to many redirects' message.

Your suggestion:

Redirect 301 / https://glasvezeldewolden.nl/

Also results in this message, this is the Dutch message being displayed:

 

[Lloyd_mcse]

I just visited your site via https and it redirected me to http, SSL Labs also shows ..

HTTP status code 301
HTTP forwarding http://glasvezeldewolden.nl

You need to remove this redirect and add the correct one, like so...


I hope that helps
Kind regards

Lloyd

 

[Daniël1234]

Hello Lloyd,

As it is a live website i can't keep the redirect line active.

Redirect 301 / https://glasvezeldewolden.nl/

But if i do add that, an loop is created from HTTPS to HTTP and back to HTTPS, back to HTTP and HTTPS and so on... which results in the "to many redirects" message.

Though I do not use any other redirects in either Plesk or the .htaccess file, so my guess is that Plesk is somewhere causing this?

 

[Lloyd_mcse]

Though I do not use any other redirects in either Plesk or the .htaccess file, so my guess is that Plesk is somewhere causing this?

Not that I can think of.

You may want to rebuild the domain with...

/usr/local/psa/admin/bin/httpdmng --reconfigure-domain glasvezeldewolden.nl

And then try and add the directive again.
Other than that maybe someone else has some ideas...

Sorry I couldn't be more help

 

[Daniël1234]

Thanks for your reply, unfortunately rebuilding and then adding the redirect didn't bring any changes.
No problem at all, at least you've tried to help. Which is much appreciated.

 

[UFHH01]

Hi Daniël1234,

you use NGINX at the moment for your mentioned domain and configure a redirect over apache, to use HTTPS.

The correct way to redirect to HTTPS would be to add this example into the additional NGINX directives:

      server_name .example-domain.com;
      return 301 https://$host$request_uri;

 

[Daniël1234]

Thank you for your quick reply UFHH01, although after adding the altered content to the NGINX directive it results in the same 'to many redirects' message, something is forcing HTTP which creates an endless loop when trying to force HTTPS manually.

server_name .glasvezeldewolden.nl;
return 301 https://$host$request_uri;

 

[UFHH01]

Hi Daniël1234,

let's try something new then:

Please remove all additional rewrite rules for apache and nginx. Afterwards, please rebuild your configuration files again with the command:

/usr/local/psa/admin/bin/httpdmng --reconfigure-domain glasvezeldewolden.nl

Disable the "SSL - support" at the domain - specific hosting - settings ( Plesk will now again rebuilds the config files ) and re-enable it again ( Plesk will now again rebuild the configuration files ) with the correct certificate, which you can choose from the dropdown-menu at the same line. At this end, please now check, if the HTTPS - redirect works.

 

[Daniël1234]

Thanks you for your reply UFHH01.
I've done what you've asked me to do, without any luck.
https://glasvezeldewolden.nl/ still goes back to http://glasvezeldewolden.nl/
The certificate itself is reachable; https://ssl-tools.net/webservers/glasvezeldewolden.nl

After even more searching I came to the realization that I've had the following bit of PHP in my code, wow I feel dumbt now.

if($_SERVER['SERVER_PORT'] != 80){
   header("HTTP/1.1 301 Moved Permanently");
   header("Location: http://glasvezeldewolden.nl");
}

Excuse me for my 'dumbness'.

 

[UFHH01]

Hi Daniël1234,

I tested the URL "http://glasvezeldewolden.nl" just right now and all redirecting to HTTPS went fine. Problem solved I think. ^^