Hi Colin,

>> My recommendation is to only allow GUI access via HTTPS, which can be
>> configured via the GUI itself.
> How would I do this? Can't find a setting (but then I may not be 
> looking in the right place!).

"Server Management" / "Maintenance" / "Server Desktop".

The field "GUI access protocols" usually shows "HTTP and HTTPS". Change
it to "HTTPS only" and tick the checkbox for "Redirect to Server-Name".

What it does is this:

Say the server is named server.company.com and you have a Vsite named

Someone goes to http://vsite.com/login, which will (as usual) redirect
to the AdmServ at http://server.company.com:444/login

However: If the GUI is set to "HTTPS only", it will redirect once more
to https://server.company.com:81/login

This serves two purposes: You can only see any GUI page when you access
it via HTTPS. Any call to a GUI page via HTTP will be redirected to the
respective HTTPS page of the same URL.

The checkbox "Redirect to Server-Name" (if ticked) will make sure that
you don't get the "The certificate is only valid for server.company.com"
error if someone uses http://vsite.com/login. You would get that if we
did a straight redirect from there to HTTPS without replacing the domain

Unavoidably you still see it if someone uses https://vsite.com/login,

With best regards

Michael Stauber
Blueonyx mailing list

Reply via email to