These forums are locked and archived, but all topics have been migrated to the new forum. You can search for this topic on the new forum: Search for Change SSL error redirect URL on the new forum.
What is the best way to have the error message when a user goes to a non https webpage that requires SSL to point to the right address?
[14/Jul/2009:14:19:39 -0400] [71.48.130.183] Bad Request : This web server is running in SSL mode. Try the URL https://kermit:20000/ instead.
What I'd like to point to is https://avenue.org:20000/
What do I need to change to make this work? Thanks.
Well, I don't know that you can change the error message.
You can, however, have it redirect to the correct address, if you like.
To do that, go into Webmin -> Webmin -> Webmin Configuration -> SSL Encryption, and set "Redirect non-SSL requests to SSL mode" to "Yes".
-Eric
Sorry for bumping up old post, but it is close to my question. I have host behind router. IP address used to access it from internet (lets say it is 180.180.180.180) is different from one set on interface (10.10.10.10). Everything works perfectly if correctly requested (correct request https://180.180.180.180:10000, or https://<domain.name>:10000).
But if visitor forgets "s" and requests http://180.180.180.180:10000, he will get this error message: "Bad Request : This web server is running in SSL mode. Try the URL https://10.10.10.10:10000/ instead.". For external visitor suggested address will not work, as it is internal IP address. The same if visitor requested through domain.
Question is simple how to fix it? In the best case suggested address could point to the same address which was specified in browser by visitor, just with "https://" in the beginning.
Thanks
By the way, I know that it is possible to override IP used in message with "musthost" configuration variable, but in multidomain environment it isn't good enough as hostname used is the same for all domains.
if it is not possible to make what I ask, maybe somebody can say were (in what variable) query string is stored in miniserv, so basically I could tweak that message.
Hmm... you may be able to correct that by going into System Settings -> Virtualmin Configuration -> Network Settings, and tweaking some of the options there.
You'll want to make sure that "Network interface for virtual addresses" is set to the interface that you use to access your server on. The "Default Virtual Server IP address" is probably good at the default, "From network interface".
Then, I'd make sure "Default IP address for DNS records" is set to the external IP address used to access your server.
Let us know if setting those does the trick for you!
-Eric
According to current configuration:
Virtualmin -> System Settings -> Virtualmin Configuration -> Network Settings:
Do not know what could help you. For example in:
As it is absolutely possible that I had missed something, ask what information I could provide.
Thank you.
Hi, I was searching the forum and bumped into this question. My problem is similar. Installed a Webmin server in a client, and when I access from outside, if I forget to put https instead of http, it recomends to access using https://internallanip:10000
Can't find a way to solve this... And, don't know if it is related to this, when the client types: http://webmail.domain.tld it does not redirect to https://domain.tld:20000 as it should...
I don't think it is a problem in router forwarding rules, because if I type the url mannually it opens fine...
Thanks...
Aplima
Sadly I didn't find a solution which doesn't involve modifying code. In my opinion it is simply the use-case which is not implemented. At least it looked like this at time I was searching how to solve it. Possibly something is changed now.
Krienas
If you haven't already, try going into System Settings -> Virtualmin Configuration, and on the first screen there, set "Virtualmin URL for use in email messages" to the correct URL you'd use to access Virtualmin on your server... something like:
https://your_domain.tld
After saving that, does the URL it provides for the redirect look correct now?
-Eric
Eric,
Yes I did try that and it does not work. My theory is that when webmin is installed, it looks up server ip and defines it as 192.168.1.250... When I access it using internet ip (or url) and I forget to use https, it recomends to redirect to https://192.168.1.250...
I think, but I can be wrong, this is the origin of all the problems...
Aplima
Okay, after speaking with Jamie about this -- Webmin determines what URL to use for the redirect by performing a reverse DNS lookup of the primary IP on the server.
There wouldn't be a reverse address for your local IP... so you can override that setting by editing /etc/webmin/miniserv.conf, and setting the "host=" line. You could set it to something like:
host=external.hostname.com
After you add that setting, you'd need to restart Webmin with:
/etc/init.d/webmin restart
Ok, one problem is solved...
Thank you so much...
But sadly this was a minor problem, because the admin page is for me to access and nobody else. I still have the problem of the webmail and admin page.
when I type: http://webmail.domain.tld it shoud redirect to https://domain.tld:20000 like http://admin.domain.tld should redirect to https://domain.tld:10000
All it does is to open an 80 port page with:
Index of / [ICO] Name Last modified Size Description Apache/2.2.3 (CentOS) Server at admin.domain.tld Port 80
Thanks for all your patience
Aplima
Hmm, that sounds like the redirects may not be setup in Apache.
If you look in System Settings -> Server Templates -> Default -> Apache Website, are "URL for webmail redirect" and "URL for admin redirect" set?
-Eric
Concerning hostname:
I found that the "usual way" my Ubuntu does this is by adding an appropriate line to
/etc/hosts
(and subsequently I always add it manually if it is/gets missing). Example from my mail Virtualmin server:188.40.20.92 orion.tianet.de orion
So even if the external nameserver does not resolve the name, or if there is no external nameserver available, the local IP of the machine is always resolvable, and this hostname is what Vmin uses in its "please use https instead" message.
Concerning URL forward:
In addition to what Eric suggested: You can check if Virtualmin correctly set up that forwarding by looking at the Apache config of the domain in question, under Services -> Configure Website -> Edit directives. There should be a block like this in the config:
(Replace "-https-" with "https" if using this block. Need to write it this way cause the forum software here otherwise still tries to construct a broken A HREF link from it.)
Vmin uses Apache
mod_rewrite
to perform this forwarding, since the other (easier) methods only apply to URL paths, not to changing the hostname.Yes Eric, everything is selected as you inquired... That's why I don't understand why it does not redirect...
I'll try adding mannually the entries on hosts file like Locutus sugested. Thought I'm using CentOS 5.5 and the Apache conf file looks ok.
Thanks,
Aplima
Problem persists...
Well, I'm embarrassed... I had to Stop... And think a lot more... And read a lot more on the logs. It was a problem of defining correctly the ip for the virtual server.
I have to thank you all, especially you Eric. You gave me the solution to this problem long ago on this forum. I wasn't looking to the right place.
I recomend everyone to look with good eyes to this post:
https://www.virtualmin.com/node/16637#comment-73789
Thank you so much, and keep up the great work.
Aplima
If You Haven't Already Discovered:
Webmin >> Webmin Configuration >> IP addresses and Ports >> Webserver Hostname
-Iain
Just for info: Text that your server is running in ssl mode can be removed. What i did is search for the text "This web server is running in SSL mode" inside the file: /usr/share/webmin/miniserv.pl and changed it for example to : &http_error(200, "Document follows", "This web server is running in SSL mode."); or &http_error(200, "Document follows", "");