Open for Voting

http to https redirector

Why can't we configure serv-U to redirect http requests to https?

It would be ideal if one could select this option in the 'http listener' or in the Serv-U gateway configuration options.

FormerIdeaCreator

  • As others have pointed out here and in other requests, this has been possible for a long time.
    You can achieve this by enforcing encrypted connections before login:

    Domain > Limits & Settings > Limits > Connection > Require secure connection before login > Yes
    Enabling this will cause connections to a regular HTTP listener to be redirected to a corresponding HTTPS listener.

    This will also disable plain, unencrypted FTP sessions. That is a Good ThingTm.
    With this limit in place, Serv-U will reject the "USER" FTP command with a (configurable) error message if "AUTH TLS" has not been used before to upgrade the connection to FTPS.
    This does not apply to listeners configured for implicit FTPS, of course, since they're always encrypted from the start.

    If you still have clients that are unwilling to support SFTP or FTPS in 2023, you have other problems than a missing HTTP redirect option.

  • in reply to stefanbc

    The HTTPS listeners do send HSTS headers. Thumbsup

  • in reply to uster-ae

    You can achieve this by enforcing encrypted connections before login:

    Domain > Limits & Settings > Limits > Connection > Require secure connection before login > Yes
    Enabling this will cause connections to a regular HTTP listener to be redirected to a corresponding HTTPS listener.

    This will also disable plain, unencrypted FTP sessions. That is a Good ThingTm.
    With this limit in place, Serv-U will reject the "USER" FTP command with a (configurable) error message if "AUTH TLS" has not been used before to upgrade the connection to FTPS.
    This does not apply to listeners configured for implicit FTPS, of course, since they're always encrypted from the start.

  • in reply to gaza1994

    It has.

    You can achieve this by enforcing encrypted connections before login:

    Domain > Limits & Settings > Limits > Connection > Require secure connection before login > Yes
    Enabling this will cause connections to a regular HTTP listener to be redirected to a corresponding HTTPS listener.

    This will also disable plain, unencrypted FTP sessions. That is a Good ThingTm.
    With this limit in place, Serv-U will reject the "USER" FTP command with a (configurable) error message if "AUTH TLS" has not been used before to upgrade the connection to FTPS.
    This does not apply to listeners configured for implicit FTPS, of course, since they're always encrypted from the start.

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 190,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification SolarWinds Lab Link Accounts
About THWACK Blogs Federal & Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2021 SolarWinds Worldwide, LLC. All Rights Reserved.