2

A site is running on a production environment, and needs to stay there, while I move and play with it on an online staging environment.

I moved all the files and pointed my host-file to the staging-server , like so: 123.123.123.12 example.org. Where my staging-server has the IP: 123.123.123.12.

When I visit http://example.org I get immediately redirected to https://example.org, which gives me all kinds of trouble, since that SSL-certificate is made using the production environment. So it tells me that my connection is unsafe.

I played around with this A LOT. Now I'm in a redirection-loop, where it bounces back and fourth between the http:// and https://-version:

find 302 redirect

I assume a request 'moves' like this:

                            (step 1)   (step 2)  (step 3)
Visit http://example.org -> Browser -> Apache -> Browser -> Result (https://example.org)

So somewhere in either step 1, 2 or 3 - this redirect is made.

Grand overarching question: How do I figure out, where this 302-redirect comes from, so I can disable it - and access my site via HTTP:// ?

Attempt1 - Ensure the browser didn't do it

At first I tried:

  • With developer tools open (network tab -> disable cache ticked).
  • From incognito browser
  • Clear all cached data and cookies and whatnot and restart browser.
  • Try from different browser.

Both Chrome and Firefox really push https. So I Google how to disable 'forcing https'. I found a brief version and a detailed version. Non of them changed anything (I still get redirected).

Attempt2 - Disable auto-redirect in VirtualMin

This happens here:

'System Settings' -> 'Virtualmin Configuration' -> 'SSL Settings' -> Untick: 'Redirect HTTP to HTTPS by default'

Source.

The redirect-loop started after this, weirdly enough!

And I assume this 'just' adds some lines on the .conf-files for all domains on the server.

Attempt3 - Ensure the .htaccess-file 'catches' traffic from port 80

I added these lines:

RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

... Found here.

Same thing.

Attempt4 - Add extra logs to Apache-setup

I figure I could maybe see some info about where the redirect came from. I tried adding some extra logging, by playing around with the /etc/apache2/sites-enabled/example.org.conf, but that didn't lead anywhere. I tried following the suggestions from this post, but that is outdated (see the upvoted-comment).

Further info

  • Server technology: Webmin and Virtualmin. Running on a VPS I've setup myself. There are several other sites running and working on the server.
Zeth
  • 163

0 Answers0