Hello. We have a question regarding some best practices for SSL.
We have several WHM-powered/Cpanel servers configured so that both SSL and non-SSL users share the same IP address. We are receiving reports from some of our customers that when they try to visit their non-SSLsite over HTTPS, they get sent over to a another website on the server, which seems to be the the first domain alphabetically that has SSL set up.
We would like to know what the best practice is to avoid non-SSL clients reaching other websites on the server. The client totally freaks out when this happens. We have considered setting up a dummy domain that is first in the list of SSL clients (e.g. 0.example.com) that would catch these non-SSL site requests, but we wanted to double-check to see if there is a more efficient way of handling this, because that seems like a terrible bandaid.
Please let us know if you have any advice or best practices for this situation.
Thank you.
We have several WHM-powered/Cpanel servers configured so that both SSL and non-SSL users share the same IP address. We are receiving reports from some of our customers that when they try to visit their non-SSLsite over HTTPS, they get sent over to a another website on the server, which seems to be the the first domain alphabetically that has SSL set up.
We would like to know what the best practice is to avoid non-SSL clients reaching other websites on the server. The client totally freaks out when this happens. We have considered setting up a dummy domain that is first in the list of SSL clients (e.g. 0.example.com) that would catch these non-SSL site requests, but we wanted to double-check to see if there is a more efficient way of handling this, because that seems like a terrible bandaid.
Please let us know if you have any advice or best practices for this situation.
Thank you.
