The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Site without SSL getting redirected to a site with one

Discussion in 'General Discussion' started by juanstg1, Feb 1, 2014.

  1. juanstg1

    juanstg1 Registered

    Joined:
    Feb 1, 2014
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    I am not sure if I am in the right spot but here is my problem (sorry if it seems long but trying to provide all the details), here it goes.

    I am somewhat an administrator on a VPS (I know just enough to be dangerous & to keep most of the 20+ sites working).

    Back in December 2013 there was an issue that required an update to mysql which in turn updated PHP. Little did I know it turned a setting off that was required for most of the sites to display the PHP pages. Without this knowledge I sent word to the VPS management team to look into the problem. For several days they were unable to figure it out and ended up moving our VPS. Finding out that this did not fix the problem, they kept researching. Eventually it was figured out and all was good.

    So I thought....

    The host machine (the actual hardware) that we were on began to fail. So the host was forced to move us again, this time to a new machine. This forced me to setup new Name Servers and assigned us new IP's. It was a bit of work to ensure everything was moved and in working order but it all got done.

    Now is a good time to back track and let you know that one of the website owners had 5 websites all running SSL certificates and yes they all had separate IP addresses. A couple of years ago they dropped 3 of the sites and just pointed them to go to one of the other sites still running. I never really bothered deleting the old SSL's as I was busy and just completely forgot.

    When the host moved the VPS to a new machine and assigned the new IP address they left it to me to pull out the sites that needed dedicated IP's. Since there were only 2 I left the other old websites in the shared pool.

    For about a month I did not see this as a problem as everything seemed to be working just fine. A couple of weeks ago I got a call from one of the site owners saying that someone called him stating that when he typed in his website it would direct him to another website (which is on the same VPS). I brushed it off as one of those people that type in an address into the search bar (instead of the URL bar) and just chooses a link from the search results expecting it to get them where they want.

    Oh how wrong was I.

    This week the same guy called me saying a business associate in another state was having the same problem and he made sure this guy was typing the address in the URL bar (with AND Home » AND). Now I might add that this website owner does not have any SSL and has no need for one since he is only displaying information.

    Quite a bit of research led to finding out that when this guy types in the address (without the http://) it tries to take him to https://www.example.com (not really example). When he clicks past the security error message it takes him to a different site on the VPS. Come to find out it was directing him to one of the sites with expired SSL certificate.

    So I set out to delete the SSLs and move those sites back to seperate IP addresses in hopes that this would solve the problem. No such luck. Now after clicking past the error it just takes you to another site on the server (one that has never had an SSL attached to it.

    So if anyone can point this newbie in the right direction on what to do please do so!

    Note: I have root ability through WHM/cPanel but have no command line experience.

    Thanks in advance.
    -J :confused:
     
  2. juanstg1

    juanstg1 Registered

    Joined:
    Feb 1, 2014
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Edit:
    I did not realize the auto url was turned on, the following lines should read

    Should read (with the www and the .com )

    Also the line

    Should read (without the http : // it tries to take him to https....)

    sorry for the confusion.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Check to see if the account has any .htaccess files or redirects implemented by the script installed that would direct requests to the secure "https" version of the website. Note that if the account is assigned a shared IP address, and a SSL certificate is installed on that IP address, than any secure request to a domain name on that IP address will load the contents of the domain name the certificate is installed for.

    Thank you.
     
Loading...

Share This Page