Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Default page for removed SSL host

Discussion in 'General Discussion' started by BillBuilt, Apr 27, 2018.

  1. BillBuilt

    BillBuilt Member

    Joined:
    Mar 6, 2018
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Hello,

    I have an interesting problem here. I had someone request to cancel their account, so I terminated their account. They must still have their DNS on their domain set to my server, so now if I go to their url via http:// I get the standard "If you are the owner of this website, please contact your hosting provider..." WHM page. HOWEVER, if I use https://, it will NOT show this page and tries to find the website, causing errors in the system since it does not exist. This domain was an auto-ssl host. Why would the https:// version NOT load the "If you are the owner of this website, please contact your hosting provider..." page as well?

    Thanks in advance!
     
  2. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    2,719
    Likes Received:
    185
    Trophy Points:
    143
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @BillBuilt

    It sounds almost like the SSL VirtualHost exists still. Can you confirm this by checking the apache configuration file at /etc/apache2/conf/httpd.conf?

    Thank you,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. BillBuilt

    BillBuilt Member

    Joined:
    Mar 6, 2018
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Yes I had done that, but checked again just now in case I may have overlooked something before. There is no reference to the domain anywhere in httpd.conf. For now my only recourse is to check (from within PHP) whether or not the request is coming via HTTPS, and if so, redirect to the non-https url which then loads the standard not-found WHM page.
     
  4. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    2,719
    Likes Received:
    185
    Trophy Points:
    143
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @BillBuilt

    Is loading the actual page or is it loading a page from a different site? The default behavior for Apache is to redirect https traffic for domains without an SSL VirtualHost to the first SSL VirtualHost in the configuration. Does the account in any form exist on the server still?

    Thank you,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. BillBuilt

    BillBuilt Member

    Joined:
    Mar 6, 2018
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    The account does not exist any longer in any form. It was on a shared IP address however, so I am having to use the account that is being considered the default account for the IP address to do the redirect. Which after looking again, this particular account looks to indeed be the first SSL VirtualHost listed for that IP address. I have multiple shared IP addresses in use. So, this tells me that most likely their DNS on the domain at their registrar is still pointing to the IP address on my server, and since I am forcing HTTPS on all urls, any search engines, bookmarks, etc will be coming in on the HTTPS url to that IP address, and since the account does not exist, it's loading the first SSL VirtualHost it finds.

    But, my question is, isn't it supposed to load the standard not-found WHM page regardless of HTTP or HTTPS? Is this a bug? Or is the workaround I described the only way to achieve this?

    Thanks again!
     
  6. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    2,719
    Likes Received:
    185
    Trophy Points:
    143
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @BillBuilt

    This is the default behavior since the implementation of SNI for Apache SSL VirtualHosts and not necessarily a bug, though I do think that it should be displaying a default page pending the configuration is default.

    Does the hostname of the server resolve to the same IP and does the hostname have an SSL installed (or an SSL VirtualHost)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. BillBuilt

    BillBuilt Member

    Joined:
    Mar 6, 2018
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    The hostname of the server is on it's own dedicated IP. All hostnames have SSL installed via Auto SSL.
     
  8. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    2,719
    Likes Received:
    185
    Trophy Points:
    143
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    I believe that may be why it doesn't show the default page though, the hostname is on a different IP address and you're forcing redirection to https - in this case the only way around this would be to add redirection for requests to that domain only.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. BillBuilt

    BillBuilt Member

    Joined:
    Mar 6, 2018
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    >in this case the only way around this would be to add redirection for requests to that domain only

    This is precisely what I am doing. HTTPS requests for that domain are getting redirected to the HTTP url for that domain and then it is displaying the "not found" WHM page.

    Other terminated accounts were doing this as well so it isn't isolated to just this domain, but they appear to have stopped so I'm guessing they have reset their DNS settings at their registrar, and this domain will stop as well once they do the same.

    Thanks! This has been a real head-scratcher for sure!
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice