Thanks Michael,
On 13/10/2016, 21:01, "Blueonyx on behalf of Michael Stauber"
<blueonyx-boun...@mail.blueonyx.it on behalf of mstau...@blueonyx.it> wrote:
Hi Colin,
>> My recommendation is to only allow GUI access via HTTPS, which can be
>> configured via the GUI itself.
>
> How would I do this? Can't find a setting (but then I may not be
> looking in the right place!).
"Server Management" / "Maintenance" / "Server Desktop".
The field "GUI access protocols" usually shows "HTTP and HTTPS". Change
it to "HTTPS only" and tick the checkbox for "Redirect to Server-Name".
What it does is this:
Say the server is named server.company.com and you have a Vsite named
vsite.com.
Someone goes to http://vsite.com/login, which will (as usual) redirect
to the AdmServ at http://server.company.com:444/login
However: If the GUI is set to "HTTPS only", it will redirect once more
to https://server.company.com:81/login
This serves two purposes: You can only see any GUI page when you access
it via HTTPS. Any call to a GUI page via HTTP will be redirected to the
respective HTTPS page of the same URL.
The checkbox "Redirect to Server-Name" (if ticked) will make sure that
you don't get the "The certificate is only valid for server.company.com"
error if someone uses http://vsite.com/login. You would get that if we
did a straight redirect from there to HTTPS without replacing the domain
name.
Unavoidably you still see it if someone uses https://vsite.com/login,
though.
I knew it had to be there somewhere! ☺
Kind regards
Colin
_______________________________________________
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
