Cannot redirect to https

Przemyslaw4 years ago

Hello, I do everything like in the tutorial and install certbot with snap on my VPS debian 10 server. I add new hostname to my server on no-ip. Now I can login to my Traccar with https://myservername.ddns.net but I also can login with http://214.25.61.184:8082. I try many configurations of thet entry:

<VirtualHost *:80>
  ServerName myservername.ddns.net
  Redirect / https://myservername.ddns.net
</VirtualHost>

and

<VirtualHost *:8082>
  ServerName myservername.ddns.net
  Redirect / https://myservername.ddns.net
</VirtualHost>

<VirtualHost _default_:80>
  ServerName myservername.ddns.net
  Redirect / https://myservername.ddns.net
</VirtualHost>

the same tries with IP address:

<VirtualHost *:8082>
  ServerName 214.25.61.184
  Redirect / https://myservername.ddns.net
</VirtualHost>

<VirtualHost _default_:80>
  ServerName 214.25.61.184
  Redirect / https://myservername.ddns.net
</VirtualHost>

I don't have idea how to configure this wright.
Regards,
Przemek

Anton Tananaev4 years ago

This doesn't seem to be something specific to Traccar. It's probably better to check Apache related resources.

Przemyslaw4 years ago

Hi, @Anton Tananaev, thank You very much for answer. I will look at apache then.
Regards,
Przemek

Przemyslaw4 years ago

Hi Anton I figured that tutorial from documentation https://www.traccar.org/secure-connection/ don't redirect from default port http://myIP:8082. It redirect http://myIP:80 to https.
Regards.

Anton Tananaev4 years ago

Oh yeah, of course it doesn't.

Przemyslaw4 years ago

So, can You tell me how to change default port 8082 to 80? Can I do this? I try to mess something in traccar.xml file: add entry <entry key='web.port'>80</entry> I copy that from default.xml. But after restart traccar my server was broken.
Regards.

Anton Tananaev4 years ago

You won't be able to do a redirect from Traccar. Why do you need that?

Przemyslaw4 years ago

So it's safe when I can login to Traccar server with http? I think when I make SSL secure connection to my server it will disable possibility to enter from internet with http.
Regards.

Anton Tananaev4 years ago

The standard solution is to block internal port 8082 and only allow localhost connection to it. Why would you expose it externally?

Przemyslaw4 years ago

I install traccar on VPS in cloud. I just install default Traccar installation like in Traccar Documentation.

Anton Tananaev4 years ago

Obviously you have to use common sense and common security best practices when you host your own server.

Przemyslaw4 years ago

I have also openvpn server on the same VPS, can I do something like that:
I will only can login to Traccar Dashboard with http://10.8.0.1:8082? That is my VPN IP.