Ssl – Strict SNI matching for Apache

Tags: apache-2.2, sni, ssl

I have multiple SSL vhosts and non-SSL vhosts served from a single server. If one of the non-SSL vhosts is accessed using "https", the first SSL directive is used. Is there some setting to make it so that only vhosts with explicitly matching server names can be used?

So, let's say I have www.a.com, www.b.com, and www.c.com.

Let's say I also have https://www.a.com and https://www.b.com.

If I go to https://www.c.com, it is the same as using the site https://www.a.com. This is undesired behavior. Is there something I could set so that no site would be used?

Best Answer

I don't believe so as Apache will just read the first 443 port that it sees and will present that to the user.

You could provide a blank directory with a .htaccess page inside that could catch what is coming in and redirect to the http version. You can do this using the following:

# Enable mod_rewrite for this directory (needs AllowOverride FileInfo and
# Options FollowSymLinks on the directory in httpd.conf)
RewriteEngine On
# Only act on requests that arrived over TLS
RewriteCond %{HTTPS} on
# Send the client to the plain-http URL for the same host and path;
# R=301 makes the redirect explicit and L stops further rule processing
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Don't forget to put the httpd.conf configuration for the .htaccess directory at the beginning, before the first 443 entry.
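Here is what the httpd.conf side of that answer looks like when written out: a catch-all SSL vhost placed before the named ones, pointing at the empty directory that holds the .htaccess above. This is an added example, not the answer author's configuration; the hostnames, document roots and certificate paths are placeholders, and it assumes an Apache 2.2.12 or later build whose OpenSSL supports SNI (the minimum for name-based SSL vhosts to work at all). Note the security-relevant caveat in the comments: Apache has to complete the TLS handshake with some certificate before mod_rewrite ever runs, so a visitor to https://www.c.com still sees a certificate-name warning before being redirected; the catch-all only stops them landing on www.a.com's content.

```apache
# Added example (not from the original answer). Hostnames, paths and
# certificate files are placeholders.

# Apache 2.2 needs this to do name-based matching on port 443 at all.
NameVirtualHost *:443

# FIRST *:443 block: Apache uses the first matching vhost as the default for
# any SNI name (or a client that sends no SNI) that matches no ServerName
# below, so this one catches https://www.c.com instead of www.a.com's vhost.
<VirtualHost *:443>
    ServerName   catchall.invalid
    DocumentRoot /var/www/empty
    SSLEngine on
    # A certificate must be presented before the redirect can happen; the
    # browser will warn about the name mismatch, then follow the redirect.
    SSLCertificateFile    /etc/ssl/certs/placeholder.crt
    SSLCertificateKeyFile /etc/ssl/private/placeholder.key
    <Directory /var/www/empty>
        # Both are required for RewriteEngine to be usable from .htaccess
        Options FollowSymLinks
        AllowOverride FileInfo
    </Directory>
</VirtualHost>

# The real SSL sites follow; each is only selected when the SNI name matches.
<VirtualHost *:443>
    ServerName   www.a.com
    DocumentRoot /var/www/a
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/www.a.com.crt
    SSLCertificateKeyFile /etc/ssl/private/www.a.com.key
</VirtualHost>

<VirtualHost *:443>
    ServerName   www.b.com
    DocumentRoot /var/www/b
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/www.b.com.crt
    SSLCertificateKeyFile /etc/ssl/private/www.b.com.key
</VirtualHost>
```

The related directive SSLStrictSNIVHostCheck (also 2.2.12+) does not solve the question's case: it rejects clients that send no SNI extension when they ask for a name-based vhost, but a client that does send an unknown SNI name still lands on the default vhost, which is why the catch-all block has to exist.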
