Apache sends plain-text response when accessing SSL-enabled site without HTTPS

apache-2.2 mod-rewrite .htaccess mod-ssl

Solution 1:

First: With Apache you cannot have HTTPS and HTTP running on the same port.

See: Apache answer both HTTP and HTTPS on the same port

For handling both SSL and non-SSL traffic you have to define two virtual hosts.

See: Redirect http to https apache on different port

For the redirect from non-SSL virtual host to SSL virtual host we use this:

<VirtualHost *:80>
        RewriteEngine on
        RewriteCond  %{HTTPS} !=on
        RewriteCond  %{HTTP_HOST} ^(.*)$
        RewriteRule  ^(.*)/? https://%1$1 [L,R]
</VirtualHost>

Remains the problem that explicitly sending a non-SSL request to the SSL-enabled port ( http://mydomain.com:443/ ) gives the:

You're speaking plain HTTP to an SSL-enabled server port

page as plain text (in a Firefox browser). Explicitly sending a SSL request to the non-SSL port ( https://mydomain.com:80/ ) gives a:

ssl_error_rx_record_too_long error

(in the Firefox browser).

Why is this occurring?

Related

How to make Apache return a custom page on a 400 error with malformed host headers?
Speed of different Linux distros - why the difference?
OpenVPN: Not all DNS entries get pushed to clients from server. (dnsmasq)
How to email output of scheduled tasks?
/proc/cpuinfo fails to detect CPU model name
Task Scheduler Cannot Apply My Changes - Adding a User with Permissions
Enabling SSL for Remote Desktop
How to maintain the log source host using logstash
How does Windows hide internal users?
Are Link-Local routes necessary (IPv4)?
How can config squid to use a socks as parent or cascade?
mount using insecure ports for nfs