• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • (Plesk for Windows):
    MySQL Connector/ODBC 3.51, 5.1, and 5.3 are no longer shipped with Plesk because they have reached end of life. MariaDB Connector/ODBC 64-bit 3.2.4 is now used instead.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Question HTTP service has been identified without SSL/TLS

P

Paul Larson

Basic Pleskian
Server operating system version
Ubuntu 22.04.4 LTS
Plesk version and microupdate number
Plesk Obsidian Version 18.0.60
The dreaded PCI/Security scan from a client!

So often the findings or remediation requests seem confusing, like this one:

"HTTP service has been identified without SSL/TLS"

Web traffic to domains on my server will always redirect to https/443. But I guess I can't stop a scanner from testing my IP, port 80, while not serving an SSL/TLS certificate. (I thought the whole point of https was to utilize an SSL cert, thus I don't know the point of scanning port 80 in search of SSL/TLS.)

But the technology behind these protocols is always more complex than I assume.

So, is there a way to serve an SSL/TLS on port 80, or...force such traffic immediately to 443?
 
There isn't much info to go off of such as if you went to http://your.ip.add.ress if it actually takes you anywhere or not so I'm just going to ask: did you configured your IP address to direct you to a default site such as your main site for your business? This can be done under Tools & Settings > IP Addresses and going into the IP address in question and setting a default site with an SSL/TLS certificate.
 
You must log in or register to reply here.

Similar threads

L
Issue ( authorization token is unavailable ) Could not issue/renew Let`s Encrypt certificates
Replies
7
Views
1K
Leta
L
B
Issue 704710#0: *18394 upstream timed out (110: Connection timed out) while SSL handshaking to upstream
Replies
1
Views
2K
sans
S
Lenny
Resolved Seeking Assistance with API Communication Issues via SSL on Plesk
Replies
4
Views
2K
Lenny
Lenny
I
Question Problems with Email certificate renewal - seems linked to changes in SNI support
Replies
0
Views
3K
iainh
I
H
Issue Problems with SMTP and port 465 SSL/TLS encryption on iOS and iPadOS
Replies
8
Views
7K
learning_curve
learning_curve
Back
Top