engintron / engintron

Engintron for cPanel/WHM is the easiest way to integrate Nginx on your cPanel/WHM server. Engintron will improve the performance & web serving capacity of your server, while reducing CPU/RAM load at the same time, by installing & configuring the popular Nginx webserver to act as a reverse caching proxy in front of Apache.
https://engintron.com
GNU General Public License v2.0

standard cPanel service URLs on http:// do not redirect to https:// when compared to without nginx - PCI compliance issue #1487

Open pgrandmaison opened 4 weeks ago

pgrandmaison commented 4 weeks ago

Hi, I just noticed that on servers that do not have Engintron, going to http://webmail.domain.tld on cPanel auto-redirects to https://webmail.domain.tld when the appropriate settings are configured in WHM --> Tweak Settings:

Choose the closest matched domain for which that the system has a valid certificate when redirecting from non-SSL to SSL URLs. Formerly known as “Always redirect to SSL/TLS” [ENABLED]

Require SSL for cPanel Services --> ON

On this cPanel without Engintron, going to http://webmail.domain.tld, it automatically redirects to https://webmail.domain.tld which has a valid SSL installed.

On the same cPanel with Engintron installed, going to http://webmail.domain.tld does not redirect to https://.

I believe this is a bug, and it will affect PCI compliance on future PCI compliance scans.

pgrandmaison commented 4 weeks ago

I actually just came across this documentation post: https://engintron.com/docs/#/pages/Redirect-webmail.domain.tld-from-HTTP-to-HTTPS

Looks like this is exactly what I need. I'm wondering why we don't include this by default?
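
A way to verify the behaviour reported in this issue before a PCI scan does, as an added example that is not part of the thread or of Engintron: it requests each hostname over plain HTTP without following redirects and classifies the answer. The function names and verdict strings are assumptions made for this sketch, and the hostnames are passed on the command line.

```python
# Added example: audit whether plain-HTTP service hostnames redirect to HTTPS.
import http.client
from urllib.parse import urljoin, urlsplit

REDIRECT_CODES = {301, 302, 303, 307, 308}

def classify(url, status, location):
    """Return a verdict for one response to a plain-HTTP request."""
    if status not in REDIRECT_CODES:
        return "no-redirect"                  # content answered over cleartext HTTP
    if not location:
        return "redirect-without-location"
    target = urlsplit(urljoin(url, location))  # resolves relative Location values
    if target.scheme != "https":
        return "redirect-stays-http"
    if target.hostname != urlsplit(url).hostname:
        # cPanel may redirect to the closest matched domain with a valid certificate
        return "https-other-host"
    return "https-same-host"

def probe(host, timeout=5):
    """Send one GET / to port 80 and return (status, Location) unfollowed."""
    conn = http.client.HTTPConnection(host, 80, timeout=timeout)
    try:
        conn.request("GET", "/")
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def audit(hosts, probe_fn=probe):
    """Map each hostname to its verdict; network failures become 'error: ...'."""
    results = {}
    for host in hosts:
        try:
            status, location = probe_fn(host)
            results[host] = classify(f"http://{host}/", status, location)
        except (OSError, http.client.HTTPException) as exc:
            results[host] = f"error: {exc.__class__.__name__}"
    return results

if __name__ == "__main__":
    import sys
    for host, verdict in audit(sys.argv[1:]).items():
        print(f"{host}\t{verdict}")
```

Running it against the same service hostname on a server with and without the Nginx proxy in front shows the difference described above: `no-redirect` is the case the report flags.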