core: Disable TLS for sites where http is explicitly defined (fix)

2024-12-23 22:27:38 -05:00 · 2015-10-16 11:47:13 -06:00 · 2015-10-16 11:47:13 -06:00 · c4a7378466
commit c4a7378466
parent a17e9b6b02
1 changed files with 7 additions and 0 deletions
--- a/config/setup/tls.go
+++ b/config/setup/tls.go
@ -2,6 +2,7 @@ package setup

 import (
 	"crypto/tls"
+	"log"
 	"strings"

 	"github.com/mholt/caddy/middleware"
@ -10,6 +11,12 @@ import (
 func TLS(c *Controller) (middleware.Middleware, error) {
 	c.TLS.Enabled = true

+	if c.Port == "http" {
+		c.TLS.Enabled = false
+		log.Printf("Warning: TLS disabled for %s://%s. To force TLS over the plaintext HTTP port, "+
+			"specify port 80 explicitly (https://%s:80).", c.Port, c.Host, c.Host)
+	}
+
 	for c.Next() {
 		if !c.NextArg() {
 			return nil, c.ArgErr()