when you activate the ssl on a website automatically activates the redirection http to https and I think this should not be automatic, the user must choose whether to activate it or not
another problem is that when you activate the ssl in the domain of webmail.expample.com comes out an error that the page redirected many times this only happens with an apache and php server without nginx.
In that case you would have to remove the htaccess redirect, the nginx based one would be anyway faster. As @eris wrote, this is how “we” currently want to have it - and I dont see any reason to change that behaviour.
The issue is off course if create a new “Domain” It should it be fine to redirect it to the https:// domain how ever in the rare that the behaviour is not wanted it should overwrite the decision the user wanted. (As currently)
They do not understand me, by checking the box “use lest encrypt to obtain ssl certificate” and save it.
The box “enable automatic http-to-https redirection” is automatically activated and I think this should not happen because the user must choose whether or not to activate the box “enable automatic http-to-https redirection”.
I understand what you mean and as already written: This is by design.
As already explained, a nginx redirect is much faster than a .htaccess based one - it is one of the reasons, we’ve implemented the auto redirect as soon as you add a domain - aswell it saves the time of an additional click. If you don’t want to have it, you can disable it directly after you added the certificate.
Basicly it doesnt make much sense to run hestia as apache2 only, the power of caching and performance is behind nginx. The redirect itself will also be done in apache, if apache2 only is installed - you can just remove the htaccess redirect and you’re good to go.
No it is NOT… .htaccess is parsed ‘after’ the first byte which is detected as a redirect by client’s browser. Redirect inside Nginx / Apache vhost config will be faster and more performant.
Secondly there is no commercial site now which is non-https so it does not make sense. It is good to have automatic redirection to https. if you have problem you can uncheck that in the box and be done with it