Solved

SSL showing against wrong domain on shared server

Posted on 2008-10-13
3
228 Views
Last Modified: 2008-10-22
I have a webserver which contains numerous domains.  One of these domains has an SSL applied to it, running on port 443 as normal.

However, because all of the domains share the same IP address, you can simply type any of the domains behind a https:// and it'll pass them to the one with the SSL!

So, if I have the following domain which has the SSL applied to it:

https://www.firstdomain.com/cart.asp

I can easily use:

https://www.anyotherdomainonthisserver.com/cart.asp 

to get to the same place!  This has the effect of showing scripts under a domain that they aren't actually under.

Does anyone know how I can isolate this such that any https call to domains OTHER than the one on which the SSL exists cause a failure or redirect?

Thanks,

Tony
0
Comment
Question by:xxiantweb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 4

Expert Comment

by:palner
ID: 22705395
SSL has the problem of using only 1 IP address. Microsoft does allow using multiple SSL with 1 IP address and a wildcard SSL, however *.singledomain.com generally isn't wanted when hosting multiple domain names.

One way to hide the ssl is if all pages were using .asp or .net. You can then check the domain (from the server variable) and if it doesnot match, redirect to the non-ssl site.

There are many approaches, this one worked best for us... we used this method and a 403 error that was also an asp with a simple redirect.
0
 
LVL 10

Assisted Solution

by:RubalJ
RubalJ earned 200 total points
ID: 22705870
SSL Domain should be on a dedicated IP. If you setup dedicated IP for site and point WWW A record on that dedicated IP and change the HTTPS IP to that dedicated one with port 443 then it'll resolve your issue.

0
 
LVL 4

Accepted Solution

by:
palner earned 300 total points
ID: 22706000
Since all domains are using that IP, he'll still need a way of stopping the other domains from hitting the ssl and questioning the non-matching domain name.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Debug Tools to analyse IIS process: This article focus on taking memory dumps from IIS to determine which code is taking more time and to analyse which calls hangs/causes more CPU usage. To take dumps,download the following. Install1: To st…
#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question