Prevent non-www https connections

[MoritzCH]

Good morning,


I am using Plesk for a week now and it's really nice but there is something I can't get working.
Recently I bought an SSL certificate for my server hostname I am using for Plesk (let's say it is "www.DOMAIN.com")
What I want to do is to redirect all traffic for this domain to the Plesk Panel Login on Port 8443 (including the www). I already applied this Nginx directive:

return 301 https://www.DOMAIN.com:8443/;

so if you want to open the "non-https" site you will be redirected. Unfortunately if someone uses "https://DOMAIN.com:8443" he won't be redirected and gets this ugly certificate error because my certificate is only valid for "www.DOMAIN.com"
Is there a way around this or do I have to buy another SSL certificate?

My setup:
Apache
Nginx (reverse proxy)

Thank you in advance
Moritz

 

[UFHH01]

Hi MoritzCH,

for apache ( this can be as well an additional directive at your webserver - settings! ), please use at ".htaccess" :

<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTP_HOST} ^domain.com/$ [OR]
  RewriteCond %{HTTP_HOST} ^www.domain.com/$
  RewriteRule (.*)$ https://www.domain.com:8443/$1 [R=301,L]
</IfModule>

For NGINX ( this can be an additional directive over your webserver - settings! ), please use:

    if ($http_host ~ "^domain.com/$"){
        set $rule_0 1;
    }
    if ($http_host ~ "^www.domain.com/$"){
        set $rule_0 1;
    }
    if ($rule_0 = "1"){
        rewrite /(.*)$ https://www.domain.com:8443/$1 permanent;
    }

 

[MoritzCH]

Hi UFHH01,

tried both seperately but they are not working (or I am doing something wrong)
Read some post and I am not sure if you can rewrite https urls

 

[UFHH01]

Hi MoritzCH,

could you please explain, why you think that this is not possible? If you would like more informations on rewrites, please consider reading the apache and nginx - documentations:

http://httpd.apache.org/docs/
http://nginx.org/en/docs/​

 

[MoritzCH]

Hi,

just read a few threads where some people said that rewriting a HTTPS URL is not possible and will not be processed by the browser. Whatever, I created the .htaccess file, changed the DOMAIN.COM to the right one and nothing happens.
I did try the Nginx rewrite as well without success. This is why I am asking

 

[UFHH01]

Hi MoritzCH,

it depends on your very own webserver settings, if you allow "www.domain.com" or only "domain.com", or both. Please check your webserver settings for it ( Hosting - settings - preferred domain ). If you choosed "none" or "domain.com", then your visitors are able to open the URL without "www", where you have a missing certificate.
You are not redirecting HTTPS sites ( from domain to domain ), you are just redirecting from HTTP to HTTPS with the settings above. Please keep that in mind, when reading ( strange ) posts.

If you experience issues with your browser, please be aware of caching and browser history. You could check if the desired changes apply, either by the usage of another browser, or delete all your browsers history and depending cookies, close your browser and re-open it again to test the new settings.
An alternative is always to ask a friend, who never visited the URL to test it with his computer and connection, because some router or/and internet provider may keep as well a history for you, to reduce traffic.

 

[MoritzCH]

Good morning UFHH01,

but this is exactly my problem. I choosed the "www" as preferred domain and you can still open a "non-www" domain if you specify a port (like 8443 for Plesk).
I also tried to open the page with my tablet (internet connection = mobile network) but there I have the same problem. Did a server restart, cleared the cache, no success at all.

It's more than like that the "error" is on my site but it's not easy to figure out. Gonna check all my settings, maybe that will help

Thank you for your patience and your help!

 

[UFHH01]

Hi MoritzCH,

again, please check your "Hosting settings" for the desired domain, because you might have configured the domain with the usage "none" or "domain.com" during the installation. Plesk will automatically add the lines

<IfModule mod_rewrite.c>
            RewriteEngine On
            RewriteCond %{HTTP_HOST} ^example.com$ [NC]
            RewriteRule ^(.*)$ https://www.example.com$1 [L,R=301]
        </IfModule>

... to the depending configuration - file located at "/var/www/vhosts/system/example.com/conf/httpd.conf" ( or "httpd_ip_default.conf", if the domain is the standard domain for the choosen IP ), which is pretty much the same, as my suggestion for apache.
For NGINX, Plesk will add

    if ($host ~* ^example.com$) {
        rewrite ^(.*)$ https://www.example.com$1 permanent;
    }

at "/var/www/vhosts/system/example.com/conf/nginx.conf" ( or "/var/www/vhosts/system/example.com/conf/nginx_ip_default.conf", if the domain is the standard domain for the choosen IP ), which is again pretty much the same as my suggestion for your additional directive settings over the Plesk Control Panel ( I hope you found this 3 text - boxes ?!? ).

Please check not only your additional directive settings over your Plesk Control Panel, but as well the mentioned configuration files on your server. If Plesk didn't already performed the command "/usr/local/psa/admin/sbin/httpdmng ----reconfigure-domain example.com" by itself, when you added the mentioned suggestions, please check, that the desired code is located inside the files "vhost.conf" and "vhost_ssl.conf" for apache and for nginx at "vhost_nginx.conf" ( all three should be existent with your entries at "/var/www/vhosts/system/example.com/conf/*" ), then you might execute the command:

/usr/local/psa/admin/sbin/httpdmng --reconfigure-all​

... to reconfigure your server manually with the new configuration.

 

[MoritzCH]

As I said before, the error is sitting in front of everything -.- had a typo mistake inside the domain I entered.
Sorry for that.
Now these things are working:

http://domain.com --> https://www.domain.com:8443 (certificate working)
http://www.domain.com --> https://www.domain.com:8443 (certificate working)
https://www.domain.com --> https://www.domain.com (certificate working)

but if you enter

https://domain.com:8443 you won't be redirected to https://www.domain.com:8443

 

[UFHH01]

Hi MoritzCH,

you might like the idea, to use the free Plesk extension, called:

Custom Plesk Host
Description: This extension allows you to set a hostname that will be used for redirecting from http://domain.tld:8443/ to https://your_hostname:8443/​

Please go to the Extensions tab and install it for free and have then the possibility to change the desired hostname to your needs.

 

[MoritzCH]

yeah, that trick helped me

Thank you!