Huw Evans

Asked: 2022-04-20 05:20:23 +0800 CST2022-04-20 05:20:23 +0800 CST 2022-04-20 05:20:23 +0800 CST

Best Way to Force use of SSL Certificate

When a browser connects to my website by entering it's FQDN the connection is encrypted using the site's SSL Certificate.

However it has come to my attention that it is possible to bypass the SSL and initiate an unencrypted connection by entering the load balancer IP Address (in which case you get an error saying it could not be encrypted).

The link below suggests that I could solve this with a redirect.

Apache reverse proxy so that SSL browser requests for IP of server are redirected to FQDN

Is this good practice or should I really be tying the certificate to the IP address in addition to the FQDN?

Best Way to Force use of SSL Certificate

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Best Way to Force use of SSL Certificate

0 Answers