I was following the tutorial How To Secure Apache with Let’s Encrypt on Ubuntu 20.04. I was issued a SSL certificate but my website was still not secure.
I ran the process again but it still has not worked.

When I go to ssllabs. The SSL report for www.millerfuresh.com - overall rating is A.

I have this error


Failed redirect for millerfuresh.com
Unable to set enhancement redirect for millerfuresh.com
Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection


Do I need to set up another vhost? for millerfuresh.com?
What steps do I need to take to secure my site?

Thank you

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hi,
First thing first :)

@millerfuresh wrote
When I go to ssllabs. The SSL report for www.millerfuresh.com - overall rating is A.

That is right. If you enter https://www.millerfuresh.com in your internet browser’s address bar, you will get your website through secured connection.
However, it does not work for https://millerfuresh.com. The possible reason is included in error message you got from certbot:

@millerfuresh wrote
Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict;

The other issue is related to redirection from HTTP to HTTPS. Having SSL certificate installed, we want to have the connection to our server secured for all the time, even if someone send a request to our web server to port 80 using HTTP, e.g. http://www.millerfuresh.com or just millerfuresh.com. In that case user’s request should be redirected from HTTP to HTTPS (from port TCP 80 to TCP 443), and result in https://www.millerfuresh.com. Such settings are usually done in separate virtual hosts in Apache configuration. Unfortunately, there was some problem reported during configuration of redirection in your case:

@millerfuresh wrote
Failed redirect for millerfuresh.com Unable to set enhancement redirect for millerfuresh.com Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection

What I could suggest is to look for HTTP configuration for your domains and configure redirection to HTTPS manually. It looks like you may have to create HTTPS virtual host for millerfuresh.com by hand, since it seems to be not created so far.

  • Hi @Yannek - thank you. I am not sure how to proceed.

    when I sudo mkdir /var/www/millerfuresh.com
    mkdir: cannot create directory ’/var/www/millerfuresh.com’: File exists

    • Hi,
      First of all, before you will start modifying anything, please take a snapshot of your droplet to have a backup in case if something would go wrong.

      @millerfuresh wrote
      when I sudo mkdir /var/www/millerfuresh.com mkdir: cannot create directory ’/var/www/millerfuresh.com’: File exists

      I believe it is OK. This directory probably contains your website content. Look for Apache configuration files for your domains (millerfuresh.com, www.millerfuresh.com) rather than for directories containing your website content. The default location for configuration files in Ubuntu is: /etc/apache2/. Config files for virtual hosts are usually located in the directory /etc/apache2/sites-available/, and are being enabled through symbolic links created in /etc/apache2/sites-enabled/. You can simplify your searching by executing the command below:

      sudo grep --ignore-case --regexp servername --regexp serveralias $(find /etc/apache2/ -name "*.conf")
      

      This command finds all the files with .conf extension in directory /etc/apache2/ and searches for the patterns (strings) servername or serveralias in them. It ignores case distinction in patterns due to --ignore-case parameter.

      You will get a result like below:

      Output
      /etc/apache2/conf/httpd.conf:# ServerName gives the name and port that the server uses to identify itself. /etc/apache2/conf/httpd.conf:#ServerName www.example.com:80 /etc/apache2/conf.d/ssl.conf:#ServerName www.example.com:443 /etc/apache2/sites-available/millerfuresh.conf: ServerName www.millerfuresh.com /etc/apache2/sites-available/millerfuresh.conf: ServerAlias millerfuresh.com /etc/apache2/sites-enabled/millerfuresh.conf: ServerName www.millerfuresh.com /etc/apache2/sites-enabled/millerfuresh.conf: ServerAlias millerfuresh.com

      In this example you would check the content of the file /etc/apache2/sites-available/millerfuresh.conf
      If you need further assist, please provide your result.

      You can get some clue from this tutorial (step 5).

      by Erin Glass
      The Apache HTTP server is the most widely-used web server in the world. It provides many powerful features including dynamically loadable modules, robust media support, and extensive integration with other popular software. In this guide, we'll explain how to install an Apache web server on your Ubuntu 20.04 server.
      • Hi @Yannek - thank you. I have run cmd line: sudo grep … and then followed Step 5 (setting up a virtual host) of the tutorial.

        https://millerfuresh.com is secure but not working. I have the following error:

        Not Found

        The requested URL was not found on this server.

        Apache/2.4.41 (Ubuntu) Server at millerfuresh.com Port 443

        Do I need to change the settings in Filezilla? I have tried to restart the Apache server.

        Secondly, I am still stuck with the redirection from HTTP to HTTPS. Both http://www.millerfuresh.com and http://millerfuresh.com are working but not secure.

        • Hi,
          You made a forward step :)

          @millerfuresh wrote
          https://millerfuresh.com is secure but not working. I have the following error: Not Found

          It looks like you set up a virtual host for millerfuresh.com, that is listening on port 443 (HTTPS), but it cannot serve millerfuresh.com web content. Check if you correctly set up directive DocumentRoot. It should point at a directory that contains millerfuresh.com web content.

          @millerfuresh wrote
          Do I need to change the settings in Filezilla?

          I guess you use Filezilla for uploading web content and opening configuration files. In the latter meaning the answer is yes, you need to open virtual host configuration file of millerfuresh.com, and inspect directive DocumentRoot.

          @millerfuresh wrote
          I have tried to restart the Apache server.

          You need to restart Apache server after each modification of Apache configuration. Here is the appropriate command for Ubuntu:

          sudo systemctl restart apache2
          

          Besides that, when you are testing web server configurations or changing web content, bear in mind that a web content may be cached in some points on its way from a web server to a web browser. It may happen that you will see old web content or web server response even if you click refresh icon in a web browser. So, if you did some changes and you expect different response from web server than you get, then clear web browser cache and try again. There are many guides in the internet on how to clear browser’s cache.

          @millerfuresh wrote
          Secondly, I am still stuck with the redirection from HTTP to HTTPS. Both http://www.millerfuresh.com and http://millerfuresh.com are working but not secure.

          Firstly, get your https://millerfuresh.com working, and then you will start configuring redirection. You need to locate virtual hosts sections for both HTTP (port 80) and HTTPS (port 443). Let me know when you are ready with this.

          • Hi @Yannek - thank you for your encouragement. I was close to giving up.

            For https://millerfuresh.com

            I have fixed the error ‘AH00112: Warning : DocumentRoot [/var/www/html] does not exist.
            Syntax ok.’

            I ended up logging in as root and changing the name of .conf
            I finally got syntax ok.

            I have a new error now for https://millerfuresh.com
            Index of / …Port 443

            I have tried the following to fix:

            I looked in apache2.conf.
            In Filezilla created a directory /public_html to put the index.html file in

            I found this on stack overflow and the DO tutorial but it didnt work for me:
            sudo a2enmod usedir
            sudo service apache2 reload
            sudo mkdir /publichtml
            sudo chown -R $USER:$USER /public
            html
            sudo chmod -R 755 ~/public_html

            How can I fix it? Thank You!

          • Hi @Yannek - I will start this as a new question.