UsingWW: Redirect access from IP address to FQDN?

Installation

Redirect access from IP address to FQDN?

This forum has a limit to the number of forum postings you can make in a given time period - this is currently set at 5 posting(s) in 1 day

Hi,

Recently it was discovered that users on our instance of WebWork can access the insecure (HTTP) login page of a course via the server IP address, luckily this only works when local to the network, but our information security team would still like it cleaned up.

Looking in sites.conf I can see we have the domain set to use https and that indeed works well. What I can't find in the documentation is how to redirect access requests from an address like http://145.162.214.102/webwork2/2021_Winter_Math_Instructor/ to rewrite as the normal HTTPS URL.

This is probably some sort of base level apache thing that I am unaware of but would appreciate a hint.

How do I force WebWork to take an IP address request and redirect to the https version of the FQDN? Thank you.

Re: Redirect access from IP address to FQDN?

by Arnold Pizer - Wednesday, 22 December 2021, 7:14 PM

Hi,

Take a look at https://webwork.maa.org/wiki/Installation_Manual_for_2.16_on_Ubuntu#Redirect_http_requests_to_https

Re: Redirect access from IP address to FQDN?

by Max Bronsema - Thursday, 23 December 2021, 11:08 AM

Thanks Arnold.

It turns out we already had those rewrites in place, but we added one for the IP address of the server to rewrite to the base URL and it works great.

Have a great holiday!