SoftPerfect Bandwidth Manager
HTTPS redirects
Started by Gopal
Gopal
HTTPS redirects 15 July 2020, 13:14 |
Re: HTTPS redirects 15 July 2020, 13:52 |
Admin Registered: 11 years ago Posts: 948 |
There is a solution, but it may not work the way you would wish it to.
As you may be aware, HTTPS requires the domain certificate and the domain itself to match. For example, a user opens https://www.facebook.com, but since we don't have Facebook's private key, we will need to present a self-signed certificate. Many browsers will not allow users to proceed past this point due to security violation.
The solution is:
1. Create a custom HTTPS web-server using Node.JS, Python or any other scripting language. Configure it in a way to respond with 302 redirect for any request it receives.
2. Test it by opening https://localhost:port. You may see a few security prompts, after which you should be redirected.
3. If the above works, simply create a port mapping in Bandwidth Manager, to map requests to port 443 to the local port you choose for the server.
The result will be:
1. A user opens https://www.facebook.com.
2. The request is intercepted by Bandwidth Manager and redirected to the local HTTPS web-server.
3. The local HTTPS web-server responds with a 302 redirect.
4. The user follows the redirect. This may not always work due to HSTS and certificate pinning or browser security settings as they will see this a MITM attack.
As you may be aware, HTTPS requires the domain certificate and the domain itself to match. For example, a user opens https://www.facebook.com, but since we don't have Facebook's private key, we will need to present a self-signed certificate. Many browsers will not allow users to proceed past this point due to security violation.
The solution is:
1. Create a custom HTTPS web-server using Node.JS, Python or any other scripting language. Configure it in a way to respond with 302 redirect for any request it receives.
2. Test it by opening https://localhost:port. You may see a few security prompts, after which you should be redirected.
3. If the above works, simply create a port mapping in Bandwidth Manager, to map requests to port 443 to the local port you choose for the server.
The result will be:
1. A user opens https://www.facebook.com.
2. The request is intercepted by Bandwidth Manager and redirected to the local HTTPS web-server.
3. The local HTTPS web-server responds with a 302 redirect.
4. The user follows the redirect. This may not always work due to HSTS and certificate pinning or browser security settings as they will see this a MITM attack.