Wednesday, 14 August 2013

How to stop HTTPS requests for non-ssl-enabled virtual hosts from going to the first ssl-enabled virtualhost (Apache-SNI)

How to stop HTTPS requests for non-ssl-enabled virtual hosts from going to
the first ssl-enabled virtualhost (Apache-SNI)

I hope that title is clear.
How do I prevent HTTPS requests for non-ssl-enabled virtual hosts from
going to the first ssl-enabled virtualhost (setup is Apache-SNI).
For example, using my abbreviated config below, requests for
https://example.com (a non-ssl vhost) are being served by Apache at the
ssl-enabled vhost https://example.org. I'd like to disable that behavior
and possibly reply with the appropriate HTTP response code (unsure of what
that is).
It may not even be possible, but I thought I'd ask.
# I actually have a SNI setup, but it's not demonstrated here.
# I don't think it's relevant in this situation.
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
ServerName example.org
</VirtualHost>
<VirtualHost *:443>
ServerName example.org
</VirtualHost>
<VirtualHost *:80>
ServerName example.com
</VirtualHost>
EDIT: Maybe a mod_rewrite rule in the first ssl-vhost?
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)