Resolved How to redirect vhost domain 8443 to proper secured login panel domain?

[J.Wick]

I'm kind of shocked no one has requested or written a guide on making the Plesk Login to only allow login in from a single URL, not the VhostDomain.com:8443 which produces an insecure SSL warning.

Is there a trick to making all domains server wide forward to https://TheProperPleskLoginURL.com:8443 ?

Also, this would help with security, and also when PCI-DSS scanners like TrustWave come by to stop bothering with it. As it stands Trustwave really complains about Plesk and the many small insecure nuances that are left open.

I tried this with an .htaccess and wasn't able to get it working.

RewriteEngine on
RewriteCond %{SERVER_PORT} 8443
RewriteRule ^(.*)$ https://plesk.domain.net/$1 [R=301,L]

 

[UFHH01]

Hi SpyderZ,

you don't have to be shocked at all, if you consider to use the free Plesk extension:

Custom Plesk Host​

Description
This extension allows you to set a hostname that will be used for redirecting from http://domain.tld:8443/ to https://your_hostname:8443/

 

[J.Wick]

Hi SpyderZ,

you don't have to be shocked at all, if you consider to use the free Plesk extension:

Custom Plesk Host​

Thanks UFHH01, it's a start but it's not perfect. I got it working, but it only works for http, not https, it should really work for both. Also, what's the way of getting notified when an extension has been updated and path for upgrading extensions?

 

[UFHH01]

Hi SpyderZ,

Plesk is well known, for it's detailed documentations. Please have a look at:

Plesk Extensions ( online documentation: Administrator's Guide, Plesk 12.5 )

... to inform yourself about Plesk extensions.
​

To investigate, why "it doesn't work for https" for you, please include log - files and consider to add depending configuration files, which might help to see, what could be changed to reach your goal.

 

[J.Wick]

Hi SpyderZ,

Plesk is well known, for it's detailed documentations. Please have a look at:

Plesk Extensions ( online documentation: Administrator's Guide, Plesk 12.5 )

... to inform yourself about Plesk extensions.
​

To investigate, why "it doesn't work for https" for you, please include log - files and consider to add depending configuration files, which might help to see, what could be changed to reach your goal.

Which log and config files would you like to see?

 

[UFHH01]

Hi SpyderZ,

well, your issue appears to depend on apache and/or nginx, in combination to the separate Plesk - webserver ( sw-cp-server ). Due to the case, that your few informations don't describe, which URL you use to be redirected, please have a closer look at:

Odin / Parallels Plesk Panel for Linux services logs and configuration files ( KB - article: 111 283 )​

... you will find ALL Plesk - depending log - locations and configuration file - locations there.
Consider as well to include your operating system and the current Plesk version ( incl. MU ) in use and try to add as much informations as possible, to make investigations possible and easier. We don't know, if you only use apache, nor do we know if you use nginx as well for your domain. You don't provide informations, that IF you use nginx as well, if you configured additional nginx directives ( because nginx ignores .htaccess - files ) and so on.... we can't guess your configurations and don't know, how you setup your domain ( hosting settings ).

 

[madadam]

Did you get anywhere with this SpyderZ? As you pointed out, the "Custom Plesk Host" extension simply adds a redirect for a "497" error (accessing by HTTP instead of HTTPS). In addition to this, we need a way of adding a permanent redirect for all vhosts accessed by HTTPS.

 

[mr-wolf]

My solution involves a wildcard certificate and a cname.

Secure all your Plesk servers with a wildcard certificate *.spyderz.com

If your client has the domain madadam.com you need to create the cname

www-madadam-com.spiderz.com  IN CNAME madadam.com

Tell your client to go to

https://www-madadam-com.spyderz.com:8443

and he will get no certificate error.

I have 1 Plesk server for all my DNS records and a script that automatically creates these cnames, but that's just icing on the cake.

Another method would be to use nginx to detect /psa and redirect that to the Plesk server.
I did some experiments with it, but got a blank page.
I will give it another try this evening as I learned a thing or 2 since. I also have a Plesk server that I only use for mail to experiment with.

 

[UFHH01]

Hi madadam,

did you see as well the Plesk blog article:

=> About Plesk URL or Telling Customers the Right Address to Go to - Plesk​

If you followed the suggestions and still have issues/errors/problems, pls. be so kind to inform us about the issues/errors/problems, so that people willing to help you are able to investigate the root cause together with you.



Additional informations:

=> Plesk for Linux services logs and configuration files ( KB - article: 213403509 )​