Hi Colin, >> My recommendation is to only allow GUI access via HTTPS, which can be >> configured via the GUI itself. > > How would I do this? Can't find a setting (but then I may not be > looking in the right place!).
"Server Management" / "Maintenance" / "Server Desktop". The field "GUI access protocols" usually shows "HTTP and HTTPS". Change it to "HTTPS only" and tick the checkbox for "Redirect to Server-Name". What it does is this: Say the server is named server.company.com and you have a Vsite named vsite.com. Someone goes to http://vsite.com/login, which will (as usual) redirect to the AdmServ at http://server.company.com:444/login However: If the GUI is set to "HTTPS only", it will redirect once more to https://server.company.com:81/login This serves two purposes: You can only see any GUI page when you access it via HTTPS. Any call to a GUI page via HTTP will be redirected to the respective HTTPS page of the same URL. The checkbox "Redirect to Server-Name" (if ticked) will make sure that you don't get the "The certificate is only valid for server.company.com" error if someone uses http://vsite.com/login. You would get that if we did a straight redirect from there to HTTPS without replacing the domain name. Unavoidably you still see it if someone uses https://vsite.com/login, though. -- With best regards Michael Stauber _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx