Impossible to make HTTPS work

Janfi · February 3, 2020, 6:12pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: forestak.com

I ran this command:

It produced this output:

My web server is (include version): ispconfig

The operating system my web server runs on is (include version): debian 10

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): ispconfig

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Hello,

I need help to make https work.
My son create an Prestashop web site hosted on my web server where others https sites work perfectly. (and worked without any kind of problems)
When on ispconfig I clic on “Rewrite HTTP to HTTPS” the site become unaccessible.
If I don’t clic this option https is nor activated.

I contact my registrar “gandi.net” they said that the problem is a loop of redirections.

I try to make it work for more than 2 weeks but no results.

Please help

Many thanks

Janfi

JuergenAuer · February 3, 2020, 7:01pm

Hi @Janfi

checking your domain via https://check-your-website.server-daten.de/?q=forestak.com - there

is no loop. There is a wrong redirect https -> http:

Domainname	Http-Status	redirect	Sec.	G
• http://www.forestak.com/ 116.203.202.203	302	http://forestak.com/	0.064	D

• http://forestak.com/ 116.203.202.203 GZip used - 12095 / 63497 - 80,95 %	200	Html is minified: 149,99 %	1.070	H

• https://forestak.com/ 116.203.202.203	302	http://forestak.com/	4.240	F

• https://www.forestak.com/ 116.203.202.203	302	http://forestak.com/	3.450	F

but no redirect http -> https, so it's not a loop.

Remove that wrong redirect https -> http, then recheck your domain to see, if that redirect is gone.

Then create a redirect http -> https. Don't create that redirect first, that would create a loop.

Janfi · February 4, 2020, 8:38am

Hello @JuergenAuer

Thank you very much for your answer.
Yesterday I did unclick on “Rewrite HTTP to HTTPS” because my son wanted to work on his site.
it is re-clicked now, and as you can see, the site is unaccessible.

I did clic on your link but I don’t have the knowledge to understand the problem.

Jean-Philippe

JuergenAuer · February 4, 2020, 8:59am

That's expected. You have to find your wrong redirect https -> http and remove it.

Please read some basics:

Janfi · February 4, 2020, 9:25am

Yes but where to search ? I use ispconfig and normally, everything should work automaticaly, for others sites i had no problem.
I do not have big knowledge on web backgrounds.

JuergenAuer · February 4, 2020, 9:43am

I don't know, it's your configuration.

A redirect https -> http is untypical. May be your application or an old .htaccess

Janfi · February 7, 2020, 9:34am

Hello,

Finally, yesterday night I could make it work, the problem was that the https must be activated in the backoffice of PrestaShop.

I still have a problem, when I clic on the small logo at the left of the url, it says that my connection is not fully secure, attackers can see images etc…

Is there any tool to report what exactly has to be changed to be fully secure ?

Thanks

JuergenAuer · February 7, 2020, 9:40am

Re-scan that url with "check-your-website", there is a content check included.

Janfi · February 7, 2020, 10:31am

Thank you very much Juergen

system · March 8, 2020, 10:31am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.