In the third and final part about the SSL certificate, we will take a look at SSL installation using ISPConfig and its redirection. Congratulations, you're just a step away from having a secure webserver!
ISPConfig
Even in the case of the ISPConfig panel, the situation is not complicated. Only if you run multiple domains you want to secure on the server, you will have to do it for each individual domain separately.
The procedure is trivial – in the Sites menu we select the corresponding domain and click it. The Web Domain table with the details of the hosting settings of the corresponding domain will appear.
Among these settings, we also find SSL and Let’s Encrypt SSL items. We check and confirm both of them. This will automatically request and install certificates for the corresponding domain.
Enabling SSL certificate
We repeat the same procedure for other domains for which we want to set up and activate the SSL certificate.
Redirecting to SSL
So we have an SSL certificate set on the web; hurray! What’s next? The visitor only needs to enter http: // instead of https: // and the connection will continue without encryption and any security.
The solution is simple – we redirect all incoming traffic to HTTPS, regardless of where the user is coming from or what he entered into the address bar of the browser.
In order to do this, we need to have access to the root directory of the corresponding web – either through an FTP client or (ideally) a shell, i.e. SSH.
The .htaccess file should be located in the root directory of the corresponding web; if it is not, we must create it (don’t forget the dot in front of the name). Open this file and enter the following lines in it:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Important: If the .htaccess file already exists, make sure it does not contain the RewriteEngine On line. If it does, do not re-enter it and copy only the remaining two lines.
Now save the file and everything works as it should. Congratulations!
Summary
In this brief manual, we together looked at the implementation of a SSL certificate on the web server and the description of its functionality and benefits. We sincerely hope that this will make your websites safer and your clients more satisfied.
If you encounter any problem that we have not covered in this manual, don’t hesitate to contact our Technical Department, whose staff will be happy to help you.