TurnKey Linux Virtual Appliance Library

[SOLVED] - LAMP Appliance Forces HTTPS - How can I stop this?

I have deployed a CakePHP app I'm working on to a Turnkey LAMP appliance running on the Turnkey Hub service. For some reason I cannot figure out, the server demands that every web request get made through https://... this is breaking my app. CSS/Javascript includes are broken, because they "don't exist" without the https:// in their links.

How can I intelligently disable this? I've been searching the httpd.conf, apache2.conf... I am totally lost and this is really screwing me up. There's ZERO documentation on how to deal with this issue... or if there is I haven't been able to find it.

Files I checked for information about these settings:

  • /etc/apache2/httpd.conf
  • /etc/apache2.conf
  • /etc/apache2/ports.conf
  • /var/www/.htaccess

I don't care if SSL/HTTPS is still used for the web panel, phpmyadmin, and the web shell (In fact I'd like to know how to turn these features off for when I need to take my app to production) but if I could disable it for all of them I'd rather do that at this point.

Startup instuctions File Server

Installed with no problems and I can see the server in Win 7.

All I see is the command prompt

Tried the smbclient and got involved in the mount instructions.

Unless I find some simple instructions of how to proceed I will just have to give it up.

Certainly installed easy and looks like it is functioning.

Lee

Jeremy's picture

Like DirtyBirdNJ says...

Best to start your own thread rather than hijack someone else's. Besides being bad form, it makes searching the forum for useful answers much more painful.

I'll see your new thread and get to you as soon as I can (if someone doesn't beat me to it).

Lee, I think you should post

Lee, I think you should post your own thread... my original post has nothing to do with Windows 7.

Jeremy's picture

HTTPS only forced for default TKL services

(eg Webmin, WebShell, phpMyAdmin etc) and in a clean install (ie default config) the main site (ie the doc root in /var/www) is available via HTTP or HTTPS.

So I would suspect something with your setup (that you have done - inadvertantly by the sounds...)

Have a look in /etc/apache2/sites-enabled and see what symlinks are there (by default there are phpmyadmin.conf and default - Webmin and WebShell use their own micro servrs AFAIK).

Assuming that during install of CakePHP a new site is setup then perhaps you need to disable default.conf (a2dissite default) or perhaps modifications have been made to default. Whichever is the case, the file(s) should be found in /etc/apache2/sites-available. Obviously you will need to reload Apache for your changes to take effect.

Jeremy, thanks for the

Jeremy, thanks for the reply.

We've been using the same Turnkey LAMP appliance locally with VirtualBox and this hasn't been an issue before. I haven't changed any of the settings in the files I listed above, but I think I've figured out the issue I'm having. Part of the problem is that I don't have a trusted certificate for my server, because I'm just using the tklapp.com DNS forwarding system. I really like the dynamic DNS though, I see this as a huge convience. I like that I don't have to buy a domain name or just use the IP address of the Amazon EC2 server I'm using. 

I'd clicked past the red Chrome warning page on my own machine, but when I sent links to my co-workers to review my progress they showed me it was rendering without any CSS! Getting them to put https:// in the URL of the page fixed the problem, I guess because this forced them to add a security exception to their browsers to continue.

The reason I thought it was "forcing" HTTPS is that some pages weren't loading, or more accurately were giving errors. The issue lies in how the different browsers responded to the cert issue. The Chrome debugger was showing "ILLIGAL TOKEN" error messages for all my included JS files when an http URL was used, and when I viewed the response for those files I was seeing CakePHP error HTML! I believe CakePHP's .htaccess is setup to route 404 errors to cake, so this would explain why I was seeing an HTML error and not a blank page? When I tried to view the page in Firefox, I got an error I couldn't bypass without clicking to accept the cert, and then everything was fine.

After a little tinkering, I figured out that the issue was a few https links in my CakePHP template. When the main page loads via http and the links are https... apparently that's not a good thing. Such a stupid little mistake, and I was looking in the completely wrong place! 

Jeremy's picture

Glad you got it sorted!

:)

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)