the issue with your custom template will arise with 10.1 update coming soon.
I have found what create your issue. this is the double redirection in your ibay.
I can point to the .store one get back refresh. quit the page and come back it works everytime.
as soon as i go to the .com, first click on a link brings you to .store and from there whatever you do you get stuck with browsing your own ip.
i would either have cloudflare handle the redirection, either move the .com to another ibay and redirect from there.
you could also check how you do the redirection. apache redirect or apache mod rewrite.
I think I've got the httpd.conf custom templates figured out now. I've got it trimmed down to three of them.
75AddTypesAV which you didn't comment on so I assume it will be fine.
ZZe-smithAccessPrimarysubdirs which contains the following to secure our web site administration page:
<Directory /home/e-smith/files/ibays/Primary/html/administration>
Options None
Options +Includes
SSLRequireSSL
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.1 10.0.3.0/255.255.255.0
AuthType Basic
AuthBasicProvider external
AuthName "WD Site Admin"
AuthExternal pwauth
Require user admin
Satisfy any
</Directory>
All I did with this file was rename it to something that should place it below any templates that SME might add in future updates. Let me know if there is anything in this file that might cause problems in the future and please be specific about exactly what it is that would cause a problem.
The final custom template for httpd.conf is ZYerrorDocsibays which contains:
<Directory /home/e-smith/files/ibays/Primary/html>
ErrorDocument 400 /http_error.php?error_id=400
ErrorDocument 401 /http_error.php?error_id=401
ErrorDocument 403 /http_error.php?error_id=403
ErrorDocument 404 /http_error.php?error_id=404
ErrorDocument 405 /http_error.php?error_id=405
ErrorDocument 408 /http_error.php?error_id=408
ErrorDocument 415 /http_error.php?error_id=415
ErrorDocument 416 /http_error.php?error_id=416
ErrorDocument 417 /http_error.php?error_id=417
ErrorDocument 500 /http_error.php?error_id=500
ErrorDocument 501 /http_error.php?error_id=501
ErrorDocument 502 /http_error.php?error_id=502
ErrorDocument 503 /http_error.php?error_id=503
ErrorDocument 504 /http_error.php?error_id=504
ErrorDocument 505 /http_error.php?error_id=505
</Directory>
<Directory /home/e-smith/files/ibays/sierraplaza/html>
ErrorDocument 400 /http_error.php?error_id=400
ErrorDocument 401 /http_error.php?error_id=401
ErrorDocument 403 /http_error.php?error_id=403
ErrorDocument 404 /http_error.php?error_id=404
ErrorDocument 405 /http_error.php?error_id=405
ErrorDocument 408 /http_error.php?error_id=408
ErrorDocument 415 /http_error.php?error_id=415
ErrorDocument 416 /http_error.php?error_id=416
ErrorDocument 417 /http_error.php?error_id=417
ErrorDocument 500 /http_error.php?error_id=500
ErrorDocument 501 /http_error.php?error_id=501
ErrorDocument 502 /http_error.php?error_id=502
ErrorDocument 503 /http_error.php?error_id=503
ErrorDocument 504 /http_error.php?error_id=504
ErrorDocument 505 /http_error.php?error_id=505
</Directory>
I tested this particular code on our test server and found it correctly triggers the error page so I got rid of the 90e-smithAccess40ibays custom template that would have caused problems with future updates.
I also took a look to find the proper db settings to force the use of only TLS1.1 or higher so I was able to get rid of that custom template. I'm guessing that since openSSL was updated to version 1.1.1 that the SSL cipher list for SME10 was updated to prefer TLS1.3 ciphers first.
So that brings us back to the problem I posted about in the first place. I'm confused about what you mean by double redirection in the ibay. Other than the fact that I have pointed both westerndepot.com and westerndepot.store to the primary ibay I have set no redirects of any kind in Apache. In fact I made sure to turn off forced SSL under Apache because that immediately created problems for anyone that tried to connect without SSL. The fact that all links within the site are set as https switches to SSL soon enough to suit our needs.
Granted all of the links and the cookie domain are set as westerndepot.store by the site but I would have thought that clicking one of the links when the site is accessed as westerndepot.com would have had essentially the same effect as clicking on a link to a different site entirely. Do you think I need to have PHP check to see whether the site has been accessed as westerndepot.com or westerndepot.store and then set the links accordingly? I'd just need to check the PHP $_SYSTEM variable to see which domain was used to access the site and have it set the defines for the site domain based on that.