This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

How to prevent one domain's SSL cert on Virtualmin being accessible from all domains on server

2 posts / 0 new

Topic locked

Last post

#1 Fri, 12/13/2013 - 05:14

monsieurQ

How to prevent one domain's SSL cert on Virtualmin being accessible from all domains on server

I have an SSL cert installed and working for www.mysecuredomain.com on Virtualmin. The issue is that while the SSL cert is allocated to the default IP of the entire server, shared obviously by all domains, (an additional IP was not available for this server) by calling other domains on the server using https, the web site for www.mysecuredomain.com will load with www.myotherdomain.com as the URL. In other words, apache routes all https requests, regardless of the domain to the same virtual server.

Surely there is some way I can force apache to only serve https:// requests for the intended domain and ignore all others?

#2 Fri, 12/13/2013 - 05:55

Locutus

Apache will always serve a vhost when it receives a request. So when the user requests an HTTPS URL for which your Apache is not configured, it will serve the default vhost instead. Which in your case probably happens to be the one you don't wish to be served.

You can only circumvent that by creating a "dummy" domain and defining that as the default for the IP in question.

Topic locked