Changing port from 80 to 443 redirects site to index (SSL related)

July 8, 2016 7.1k views
WordPress
blakeingram405
By:
blakeingram405

Hi there, i am trying to install my SSL certificate and the problem seems to be that

As soon as the virtualhost port in /etc/apache2/sites-available/default-ssl.conf
or 000-default.conf is changed from 80 to 443 (needed for SSL) my website gets directed to a index folder of the html

I am running Ubuntu 14.04 w/wordpress & apache

Any help whatsoever to solve this is appreciated

Here is what my 000-default.conf looks like

<VirtualHost *:443>
ServerName prollagen.com
SSLEngine on
SSLCertificateFile /etc/ssl/key (redacted)
SSLCertificateKeyFile /etc/ssl/key (redacted)
SSLCertificateChainFile /etc/ssl/key (redacted)
DocumentRoot /var/www/html

    <Directory /var/www/html/>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

Log In to Comment
4 Answers
ryanpq MOD July 8, 2016

I would recommend trying to add

DirectoryIndex index.php index.html

and restarting apache with 

service apache2 restart

This will direct apache to use your index.php file rather than showing a directory index.

Reply
  • blakeingram405 July 8, 2016

    No luck, sadly
    I am running a 100% clean install too so I have not yet made any modifications to the server

    I don't get why changing the port would cause that to happen

    EDIT: I am going to wipe the server one more time then and will check to see if port 443 will redirect it again

    EDIT 2:
    Site is still being taken to index even though the only changes i made were

    1. password
    2. enabled ssl (a2enmod ssl)
    3. changed port to 443 in 000-default.conf
    4. added these lines to 000-default.conf

    ServerName prollagen.com
    SSLEngine on
    SSLCertificateFile /etc/ssl/file
    SSLCertificateKeyFile /etc/ssl/file
    SSLCertificateChainFile /etc/ssl/file

jtittle1 July 9, 2016

@blakeingram405

Try running the command below and post the output.

apachectl configtest

Beyond that, Apache can be finicky at times, so you may want to try defining the DocumentRoot at the top, so your configuration would end up looking like:

<VirtualHost *:443>
DocumentRoot "/var/www/html"
ServerName prollagen.com
ServerAlias *.prollagen.com
SSLEngine On
SSLCertificateFile /etc/ssl/key
SSLCertificateKeyFile /etc/ssl/key
SSLCertificateChainFile /etc/ssl/key

<Directory /var/www/html/>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Note, I added a ServerAlias line below ServerName to allow other requests to resolve to the primary domain. You should also setup a similar block to allow requests on port 80 as well.

Using the above, you're essentially telling Apache to listen on Port 443 only.

Reply
  • blakeingram405 July 9, 2016

    Will test out in a bit

    I decided to check cloudflare earlier (where i am routing my site through) and in the settings was an SSL enabled option (which was cloudflares ssl) I have a feeling that was the reason

    So i went ahead and totally removed my site from cloudflare and pointed my domain to DO (digitalocean) and am now waiting for the domain to propagate (taking quite a while honestly)

    edit: In advance, thank so much for taking time out of your day to help me

    I really appreciate it

jtittle1 July 9, 2016

@blakeingram405

As a word of advice, by using Options Indexes instead of Options -Indexes, you're enabling all directories, starting at /var/www/html and including anything below it, to be openly browsed by anyone who can access them unless every single one of them has its own index file.

For example, let's say you have:

/var/www/html/example
/var/www/html/example/config.php
/var/www/html/example/passwords.php
/var/www/html/example/....

With Options Indexes, I can browse to yourdomain.ext/example and take a look at those files. If they just so happen to output data (whether intentional or perhaps there's an issue with your PHP configuration that lets me download the files or access them in another way), I might just be able to access whatever it is you're trying to protect or keep private. If that happens to give me access to your database, backend, web server, etc -- you may find yourself in a less than desirable position.

Even if I didn't know your directory structure, I could run a few thousand basic requests, each of which would attempt to guess at directory structure using a dictionary or similar. If I happen to see that one of them works and returns an index listing of files, they will be scanned for something useful.

To prevent this, you'd need to drop an index.html file in that directory and any other directory that doesn't have one, starting from /var/www/html.

Unless you have a specific reason to allow open browsing, I'd use Options -Indexes, that way you don't have to worry about whether and index file exists or not.

Reply
blakeingram405 July 9, 2016

So cloudflare was the problem!
As with "Options -Indexes", when placing - in front of indexes apache throws out an error stating "if an option has - or +, all other options must have the same"

What would another "option" be within 000-default?

Reply
Have another answer? Share your knowledge.

Related Questions