Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Stop redirecting HTTP on webgui

    Scheduled Pinned Locked Moved webGUI
    7 Posts 2 Posters 2.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • SoloamS
      Soloam
      last edited by

      Hello, I use HTTPS on my webgui and I also use squidguard to control my companys access. The problem is that when someone hits a blocked webpage they are redirected to https://mypfsense.company/sgerror.php and they get a certification error. I could install the certificate to the webgui on all the computers, but that would be verry time consuming.

      Is there a way to redirect squidguard (or other packages) to display a normal HTTP page (not https)? That way I would only use the https on my administrative computers to control the webgui and squidguard for example would be displayed on http://mypfsense.company/sgerror.php

      Thank you in advance
      Best Regards

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Have you tried System->Advanced->Admin Access - Disable webConfigurator redirect rule?

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • SoloamS
          Soloam
          last edited by

          Yes, that was the first thing that I tried! But if I do that I continue to not be able to enter on HTTP mode, I get a error of not found! I would no mind to force the HTTPS, if I was able to continue entering in HTTP!

          I would not like to have to use the external webserver to do this!

          Thank you for your help!
          Best regards

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            So you want to disable HTTP on port 80 for the webConfigurator and use port 80 for the webConfigurator?

            Something's going to have to give.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • SoloamS
              Soloam
              last edited by

              No, I want to have both http and https option, if that is possible! On the webconfigurator i would use https, on the squidguard redirector page I would use http

              1 Reply Last reply Reply Quote 0
              • SoloamS
                Soloam
                last edited by

                To any one that would like this solution, I found it out by adapting a code part of the page http://www.gopulls.com/blog/2014.08.13/squidguard-logging-with-pfsense-running-https/

                The only thing that I replaced was

                $SERVER["socket"] == ":80" {
                $HTTP["host"] =~ "(.)" {
                **url.redirect = ( "^/(.                )" => "https://%1{$redirectport}/$1" )**

                $SERVER["socket"] == ":80" {
                $HTTP["host"] =~ "(.)" {
                **url.redirect = ( "^/^(sgerror)(.                )" => "https://%1{$redirectport}/$1"**

                this way the redirector will work to all pages except sgerror

                Best Regards

                1 Reply Last reply Reply Quote 0
                • SoloamS
                  Soloam
                  last edited by

                  Ok this worked as intended, but with a side effect, now I'm never redirected to https, the idea was to redirect only if the "sgerror" was on the url, but now I have to explicitly put https to go to https on my webconfiguration. This is better than nothing, but if it were only to url's with "sgerror" on the string it would be perfect.

                  Something wrong with my RegEx pattern?

                  Best Regards

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.