On 12/12/2016 02:39 PM, Caesar Samsi wrote: > When you go to http://mail.mydomain.com/, where do you wind up? I.e., > whats the URL in the address bar of your browser, and is the resultant > page an actual page or a 404? > > I end up at https://mail.mydomain.com/listinfo
Which is correct, right? > What happens if you go to https://mail.mydomain.com/? > > I end up at https://mail.mydomain.com/ And you want to end up at https://mail.mydomain.com/listinfo, right. The probable answer to that is you are doing the redirect from http://mail.mydomain.com/ to http://mail.mydomain.com/listinfo before the redirect from http to https. See below. > In /etc/apache2/sites-available I have mailman.con which contains a number of > redirects as follows: > > <VirtualHost *:80> > ServerName mydomain.us > ServerAdmin [email protected] > Redirect / https://mydomain.us/ > </VirtualHost> So going to http://mydomain.us/... will redirect to https://mydomain.us/... > <VirtualHost *:80> > ServerName www.mydomain.us > ServerAdmin [email protected] > Redirect / https://mail.mydomain.us/ > </VirtualHost> And going to http://www.mydomain.us/... will redirect to https://mail.mydomain.us/... > <VirtualHost *:80> > ServerName mail.mydomain.us > ServerAdmin [email protected] > Redirect / https://mail.mydomain.us And going to http://mail.mydomain.us/... will redirect to https://mail.mydomain.us/... > ErrorLog /var/log/apache2/mailman-error.log > CustomLog /var/log/apache2/mailman-access.log combined > > <Directory /var/lib/cgi-bin/mailman> > Options FollowSymLinks > AllowOverride All > Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch > Require all granted > </Directory> > > </VirtualHost> > > and aliases as follows: > > Alias /AUP /var/www/html/AUP > Alias /pipermail/ /var/lib/mailman/archives/public/ > Alias /postfixadmin /var/www/html/postfixadmin > Alias /roundcube /var/www/html/roundcube > Alias /images/mailman/ /usr/share/images/mailman/ > ScriptAlias /admin /usr/lib/cgi-bin/mailman/admin > ScriptAlias /admindb /usr/lib/cgi-bin/mailman/admindb > ScriptAlias /confirm /usr/lib/cgi-bin/mailman/confirm > ScriptAlias /create /usr/lib/cgi-bin/mailman/create > ScriptAlias /edithtml /usr/lib/cgi-bin/mailman/edithtml > ScriptAlias /listinfo /usr/lib/cgi-bin/mailman/listinfo > ScriptAlias /options /usr/lib/cgi-bin/mailman/options > ScriptAlias /private /usr/lib/cgi-bin/mailman/private > ScriptAlias /rmlist /usr/lib/cgi-bin/mailman/rmlist > ScriptAlias /roster /usr/lib/cgi-bin/mailman/roster > ScriptAlias /subscribe /usr/lib/cgi-bin/mailman/subscribe > ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/ > ScriptAlias / /usr/lib/cgi-bin/mailman/listinfo So it appears you are relying on ScriptAlias / /usr/lib/cgi-bin/mailman/listinfo to get to the listinfo page from an http(s)://host/ url. Aside from the fact that this isn't a redirect which would explain why when you go to https://mail.mydomain.com/ the address you wind up at is still https://mail.mydomain.com/ (but is it in fact the listinfo page?), it seems very bad because it means that going to any URL like http(s)://host/something, where 'something' is anything that doesn't match one of the preceding Alias or ScripAlias directives will invoke the script /usr/lib/cgi-bin/mailman/listinfosomething that doesn't exist, and even if you made it ScriptAlias / /usr/lib/cgi-bin/mailman/listinfo/ It would still invoke the script /usr/lib/cgi-bin/mailman/listinfo/something which will probably give a "No such list something" error on the returned listinfo page with http(s)://host/something still in the browser's address bar. Further, this doesn't explain how http://mail.mydomain.com/ redirects to http://mail.mydomain.com/listinfo before redirecting to https. -- Mark Sapiro <[email protected]> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list [email protected] https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
