> Am 24.05.2018 um 14:07 schrieb Yann Ylavic <[email protected]>: > > On Thu, May 24, 2018 at 1:57 PM, Stefan Eissing > <[email protected]> wrote: >> >>> Am 24.05.2018 um 13:51 schrieb Yann Ylavic <[email protected]>: >>> >>> That'd work (and looks better than Stefan's SNI oriented proposal), >>> but I wish we had something working for non-SSL vhosts too, >>> UseDefaultVHost OFF|ON? >> >> Could work also, if this means that SSL connections with SNI are then >> aborted right away. > > Yes, I think that mod_ssl could handle the OFF case earlier, depending > on SNI vs vhost's ServerName/Alias. > >> As explained, I do want such hosts to simply not >> work with https:, and avoid a "not secure" warning first. > > Yes SSL is special, the "plain" case is worth it too IMHO (checked > elsewhere, but still based on the same directive).
Agreed.
