Search Results

Search found 6253 results on 251 pages for 'apache2 ssl'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 62/251 | < Previous Page | 58 59 60 61 62 63 64 65 66 67 68 69  | Next Page >

  • htaccess and htpasswd trouble

    - by hjpotter92
    This is the first time that I have ever tried working with .htpasswd and .htaccess files, so please point out my childish works. I have my apache document root set to /www/ on my debian server. Inside it, there's a folder named Logs/ which I want to restrict access using a htpasswd. I created my htpasswd file using the shell's htpasswd command. And this is the result: > user:<encoded password here> > hjp:<encoded password here> > hjpotter92:<encoded password here> I put this file named .htaccess inside /www/. The Logs/ has following htaccess file in it: > AuthName "Restricted Area" > AuthType Basic > AuthUserFile /www/.htpasswd > AuthGroupFile /dev/null > require valid-user This was again created using an online tool(I forgot its name/link, and can't search the browser-history now). The problem, as it might've already struck you is that I am experiencing no change on my Logs folder access. The folder is still accessible to everyone. I am running apache as root user(if that matters/helps). Please help/guide me. I've tried reading some htaccess guides and have followed some of older SO questions, but still haven't figured out a way to restrict access to Logs folder with a password.

    Read the article

  • strange 404 errors

    - by user1400532
    i have this website thinkmovie.in recently i enabled cloudfare along with maxcdn. When i look at my server logs, i see these strange 404 errors for many of the files. for eg: http://thinkmovie.in/img/content/15062012faith/thumbs/model_fai12e8th_latest_photoshoot_10.jpg But the actual url is http://thinkmovie.in/img/content/15062012faith/thumbs/model_faith_latest_photoshoot_10.jpg refer_url: http://www.thinkmovie.in/gallery/ It means the term "model_faith" is replaced by "model_fai12e8th" and one more http://thinkmovie.in/image.php/?offset=1&height=120&width=144&cropratio=1.2:1%E2%84%91=/img/content/07052012pranitha/pranitha_hot_in_saguni_movie_press_meet_0.jpg?offset=1&height=120&width=144&cropratio=1.2:1%E2%84%91=/img/content/07052012pranitha/pranitha_hot_in_saguni_movie_press_meet_0.jpg actual url http://thinkmovie.finalytics.in/image.php/?offset=1&height=120&width=144&cropratio=1.2:1%E2%84%91=/img/content/07052012pranitha/pranitha_hot_in_saguni_movie_press_meet_0.jpg?offset=1&height=120&width=144&cropratio=1.2:1&image=/img/content/07052012pranitha/pranitha_hot_in_saguni_movie_press_meet_0.jpg refer_url: http://www.thinkmovie.in/gallery/hotactress/album/pranitha_hot_stills_19012012pranitha/ {&image replaced by %E2%84%91} I'm not able to understand how this is happening. I checked my code server times. And I am not able to replicate this problem from my browser. Please help me.

    Read the article

  • Can I redirect the HTTP request towards an old folder to the homepage using .htaccess file?

    - by AndreaNobili
    I have to following situation: I had an old blog that was made using Joomla (this blog was indexed well enough by search engines). For some problems I delete it and I have create it again using WordPress. Now I have many visit (from Google) that leading to specific pages of the old site (pages that don't exist in the new version). For example I have visit to URL as: /scorejava/index.php/corso-spring-mvc/1-test that don't exist on my new site. I would know if using the .htaccess file (or other sistem) I can redirect the HTTP request directed to some subfolder (that don't exist in the new version) to the homepage of my new site. For example I have the request towards the void URL: /scorejava/index.php/corso-spring-mvc/1-test. And I would create a regular expression that say something like: all the request toward the subfolder corso-spring-mvc (and all it's content file and subfolder) have to be redirected to www.scorejava.com. Is it possible?

    Read the article

  • Handle php out of memory error

    - by PeterMmm
    I have a Drupal based web site on a relative small vserver (512MB RAM). Recently the website begins to return php out of memory messages like this: Fatal error: Out of memory (allocated 17039360) (tried to allocate 77824 bytes) in /home/... All php.ini memory limit parameters are set to off (-1). Propably the website has gained of complexity, content, etc. But I cannot interpret fine that message: Does that mean that the whole request has allocated 17MB(?) right now and cannot get 7MB(?) more from the OS. Has the web server spend all memory or has the OS no more memory to allocate ? I'm not shure if the memory overhead is coming from the web server or another service, because when I get the out-of-memoy message I can't get into the server with ssh. After a while all runs fine again.

    Read the article

  • install codeigniter on apache

    - by pooja
    I already have php and apache installed on my ubuntu 12.04. I want to install codeigniter which is a php framework. I followed the link: How to install CodeIgniter? . But its too complicated and also I do not want to create symlinks and mount and all the stuff mentioned there. Installation instruction are also on the codegniter site i.e. http://ellislab.com/codeigniter/user-guide/installation/index.html , but those are not elaborative and little confusing. I will be very thankful if anyone can please provide a simple way to install codeigniter with apache server.

    Read the article

  • Apache FilesMatch regexp: Can it match by the cache buster 10 digit (rails generated) following the filename?

    - by ynkr
    According to the apache FilesMatch docs: The FilesMatch directive provides for access control by filename Basically, I only want to set an expires header for resources that have a 10 digit "cache buster" id appended to the name. So, here is my attempt at such a thing in my httpd.conf <FilesMatch "(jpg|jpeg|png|gif|js|css)\?\d{10}$"> ExpiresActive On ExpiresDefault "now plus 5 minutes" </FilesMatch> And here is an example of a resource I want to match: http://localhost:3000/images/of/elvis/eating-a-bacon-sandwich.png?1306277384 Now obviously my FilesMatch regexp is not matching so I am guessing 1 of 2 things is happening. Either my regexp is wonky or the '?1231231231' cache busting part of the file is not part of what apache considers part of the filename. Can anybody confirm and/or give me a way to cache only those resources that will not persist beyond the next deploy?

    Read the article

  • Hiding array in apache_get_modules(); [closed]

    - by John Smiith
    i wan't to view all apache modules i use script below <?php $amods = apache_get_modules(); print_r($amods); This will output Array ( [1] => mod_win32 [2] => mpm_winnt [3] => http_core [4] => mod_so [5] => mod_actions [6] => mod_alias [7] => mod_asis [8] => mod_auth_basic [9] => mod_authn_default [10] => mod_authn_file ) how to hide array ( ... i want to apache get modules like this installed modules is mod_php5 mod_authn_default mod_userdir etc

    Read the article

  • localhost .htaccess not working?

    - by diff
    Now i install WordPress then BuddyPress, after the install buddypress i run the site, home page was run, when click the other page link the page was not working. show this error Not Found The requested URL /Repo/website/groups/ was not found on this server. Apache/2.2.17 (Ubuntu) Server at localhost Port 80 After then i check my local htaccess, here is all are ok, but why the problem is showing. Here is my local htaccess .. <Directory /> Options FollowSymLinks AllowOverride all </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride all Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory>

    Read the article

  • Need some help in understanding SSL concepts

    - by user1115256
    I am new to SSL programming and finding some difficulties in understanding SSL concepts. I tried to get it through openssl site,but it is not much informative. Here is my doubts. What is difference between SSL Buffer and BIO buffer..? I mean layerwise detail will be very helpful. Can I use SSL_Write and SSL_Read without setting any BIO object to SSL object..? What exactly BIO_flush will do... I mean is it going to flush all the data to network buffer from BIO buffer.. ? If it is possible to do write and read data from SSL directly without using any BIO object then is it possible to flush the data from SSL buffer to network buffer by any means.. ? It would be very helpful if any body explain these things or giving any links where I can find answers to my questions.

    Read the article

  • Is it possible to use two different ErrorDocuments for different paths of a website?

    - by tapwater
    this is my first question on stackexchange and it might be a bit confusing. I currently run PmWiki (sorry, you'll have to google it, new user can only have 2 hyperlinks) at mydomain.com/pmwiki. I have a 404 page and .htaccess set up in my site's document root for 404 pages regarding anything that doesn't have to do with my wiki. By default, PmWiki handles URLs a little confusingly so I had to use this in order to get it to look like mydomain.com/pmwiki/Namespace/Page I had to create a .htaccess in /pmwiki to remove parts of the URL. PmWiki also has a custom 404 (Site/PageNotFound) page that has stopped working, now my site uses the /404.htm page. I noticed this when trying to install this "recipe" to enable case-insensitive URLs. Currently the only way to access Site/PageNotFound is by actually linking to it, and, if you read how that recipe seems to function, this is an issue. Currently mydomain.com/pmwiki/blahblah and mydomain.com/pmwiki/legitimate_namespace_but_lowercase/legitimate_lowercase_page_name both direct to mydomain.com/404.htm. I have to admit I'm very confused, and I apologize if I was unclear in any of this, but I could definitely use some help. Thanks!

    Read the article

  • Default Location of Web Site Content

    - by RichyL
    I am looking to install mediawiki on a production server (after doing a test on a development one). I could not really understand why the default location for the mediawiki files is /var/lib/mediawiki. I would have thought /var/www would've made more sense. I did some research and in http://people.canonical.com/~cjwatson/ubuntu-policy/policy.html/ch-customized-programs.html#s-web-appl it says the following Web Document Root Web Applications should try to avoid storing files in the Web Document Root. Instead they should use the /usr/share/doc/package directory for documents and register the Web Application via the doc-base package. If access to the web document root is unavoidable then use /var/www Can anyone explain why this is please?

    Read the article

  • Apr_sockaddr_info_get() Failed

    - by wisemonkey
    Today while trying to start apache server I received an error: Apr_sockaddr_info_get() Failed I would like to get opinions / answers to resolve this issue. I would like to know what exactly is wrong with my current setup and what are correct steps I need to take to resolve it. Just to start apache server I referred to http://www.webune.com/forums/apr-sockaddr-info-get-failed.html and server started without error but I don't see website coming online yet. I'm not exactly sure what all information is required to resolve it, you guys can ask me and I'll reply with required information

    Read the article

  • virtual host setup: can't access wordpress site without www

    - by two7s_clash
    I would like to access my site both with and without using the www. Currently it only works with. Leaving out the www just goes to a blank page. Also, wp-admin just loads a blank page too. I have set an A record for mysite.com and www.mysite.com, both pointing to my static Bitnami IP. I also have a subdomain mapped to another directory that is working just fine (conference.mysite.com and www.conference.mysite.com). I'm using a Bitnami stack on an AWS EC2 micro instance. Here is my httpd.conf: ServerRoot "/opt/bitnami/apache2" Listen 80 LoadModule authn_file_module modules/mod_authn_file.so blah blah blah.... LoadModule php5_module modules/libphp5.so <IfModule !mpm_netware_module> <IfModule !mpm_winnt_module> User daemon Group daemon </IfModule> </IfModule> ServerAdmin [email protected] ServerName localhost:80 DocumentRoot "/opt/bitnami/apps/wordpress1/htdocs/" <Directory /> Options FollowSymLinks AllowOverride None Order deny,allow Allow from all </Directory> <Directory "/opt/bitnami/apps/wordpress1/htdocs/"> Options Indexes MultiViews +FollowSymLinks LanguagePriority en AllowOverride All Order allow,deny Allow from all </Directory> <IfModule dir_module> DirectoryIndex index.html index.php </IfModule> <FilesMatch "^\\.ht"> Order allow,deny Deny from all Satisfy All </FilesMatch> ErrorLog "logs/error_log" LogLevel warn <IfModule log_config_module> LogFormat "%h %l %u %t \\"%r\\" %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\"" combined LogFormat "%h %l %u %t \\"%r\\" %>s %b" common <IfModule logio_module> LogFormat "%h %l %u %t \\"%r\\" %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\" %I %O" combinedio </IfModule> CustomLog "logs/access_log" common </IfModule> <IfModule alias_module> ScriptAlias /cgi-bin/ "/opt/bitnami/apache2/cgi-bin/" </IfModule> <Directory "/opt/bitnami/apache2/cgi-bin"> AllowOverride None Options None Order allow,deny Allow from all </Directory> DefaultType text/plain <IfModule mime_module> TypesConfig conf/mime.types AddType application/x-compress .Z AddType application/x-gzip .gz .tgz </IfModule> Include conf/extra/httpd-mpm.conf <IfModule ssl_module> SSLRandomSeed startup builtin SSLRandomSeed connect builtin </IfModule> AddType application/x-httpd-php .php .phtml LoadModule wsgi_module modules/mod_wsgi.so WSGIPythonHome /opt/bitnami/python ServerSignature Off ServerTokens Prod AddType application/x-httpd-php .php PHPIniDir "/opt/bitnami/php/etc" Include "/opt/bitnami/apps/phpmyadmin/conf/phpmyadmin.conf" ExtendedStatus On <Location /server-status> SetHandler server-status Order Deny,Allow Deny from all Allow from localhost </Location> Include "/opt/bitnami/apache2/conf/bitnami/httpd.conf" Include "/opt/bitnami/apps/virtualhost.conf" Here is my virtual hosts file: NameVirtualHost *:80 <VirtualHost *:80> ServerAdmin xx DocumentRoot "/opt/bitnami/apps/wordpress1/htdocs" ServerName mbird.com ServerAlias www.mbird.com ErrorLog "logs/wordpress-error_log" CustomLog "logs/wordpress-access_log" common </VirtualHost> <Directory "/opt/bitnami/apps/wordpress1/htdocs"> Options Indexes MultiViews +FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory> ### WordPress conference.mbird.com configuration ### <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot "/opt/bitnami/apps/wordpress/htdocs" ServerName conference.mbird.com ServerAlias www.conference.mbird.com ErrorLog "logs/confwordpress-error_log" CustomLog "logs/confwordpress-access_log" common </VirtualHost> <Directory "/opt/bitnami/apps/wordpress/htdocs"> Options Indexes MultiViews +FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory> ###

    Read the article

  • Dovecot: no auth attempts in 0 secs (IMAP protocol)

    - by Luca D'Amico
    I'm having a lot of problems configuring dovecot ony vps. I'm already able to send email using port 110 and to receive email using port 25, but I can't connect using port 993 and 995. I'm using self-signed ssl certificates. When I try to connect to 993 this error is logged: Jun 8 19:06:39 MY_HOSTNAME dovecot: imap-login: Disconnected (no auth attempts in 2 secs): user=<>, rip=MY_IP, lip=MY_VPS_IP, TLS, session=<MY_SESSION> When I try to connect to 995 here is the error log: Jun 8 19:08:17 MY_HOSTNAME dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=MY_IP, lip=MY_VPS_IP, TLS: SSL_read() failed: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown: SSL alert number 46, session=<MY_SESSION> EDIT: I was able to fix this part by refreshing my mail client ssl cert. Anybody can help me please ? I'm stuck :/ Many thanks

    Read the article

  • smtp.gmail.com from bash gives "Error in certificate: Peer's certificate issuer is not recognized."

    - by ndasusers
    I needed my script to email admin if there is a problem, and the company only uses Gmail. Following a few posts instructions I was able to set up mailx using a .mailrc file. there was first the error of nss-config-dir I solved that by copying some .db files from a firefox directory. to ./certs and aiming to it in mailrc. A mail was sent. However, the error above came up. By some miracle, there was a Google certificate in the .db. It showed up with this command: ~]$ certutil -L -d certs Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI GeoTrust SSL CA ,, VeriSign Class 3 Secure Server CA - G3 ,, Microsoft Internet Authority ,, VeriSign Class 3 Extended Validation SSL CA ,, Akamai Subordinate CA 3 ,, MSIT Machine Auth CA 2 ,, Google Internet Authority ,, Most likely, it can be ignored, because the mail worked anyway. Finally, after pulling some hair and many googles, I found out how to rid myself of the annoyance. First, export the existing certificate to a ASSCII file: ~]$ certutil -L -n 'Google Internet Authority' -d certs -a > google.cert.asc Now re-import that file, and mark it as a trusted for SSL certificates, ala: ~]$ certutil -A -t "C,," -n 'Google Internet Authority' -d certs -i google.cert.asc After this, listing shows it trusted: ~]$ certutil -L -d certs Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI ... Google Internet Authority C,, And mailx sends out with no hitch. ~]$ /bin/mailx -A gmail -s "Whadda ya no" [email protected] ho ho ho EOT ~]$ I hope it is helpful to someone looking to be done with the error. Also, I am curious about somethings. How could I get this certificate, if it were not in the mozilla database by chance? Is there for instance, something like this? ~]$ certutil -A -t "C,," \ -n 'gmail.com' \ -d certs \ -i 'http://google.com/cert/this...'

    Read the article

  • How to overcome Local Group Policy Editor's 1023 character limit?

    - by Louis
    I want to reorder the SSL Cipher Suite Order applied as part of KB2919355, prioritizing the forward secrecy suites above all else. Trying to do this with gpedit at Computer Configuration Administrative Templates Network SSL Configuration Settings SSL Cipher Suite Order is a problem because the new list goes over the tool's character limit. Is there anyway to overcome this limit so I don't have to keep the current priority or omit something from the list?

    Read the article

  • Weblogic SSL Configuration 10.3 Steps

    - by ssd
    Hello, I am currently looking to install ssl on weblogic 10.3. There are is tons of info on oracle website however it seems to be shattered all over the place. is there a weblogic expert who can provide the steps for the following: setup ssl with self signed certificate (from scratch) setup ssl with CA from Verisign (from scratch) Thank you

    Read the article

  • Hosting 2 different SSL domains on the same IP [closed]

    - by Jim
    Possible Duplicate: Multiple SSL domains on the same IP address and same port? I have 2 different domains, domain1.com and domain2.net. Both require SSL certificates. I've got the certificates signed by a CA and now need to set them up on Apache. I've got a single IP address and have found a post here: SSL site not using the correct IP in Apache and Ubuntu that apparently works for ubuntu but I am on CentOS and have not had the same luck trying that configuration. When I try that configuration, Apache dies telling me that the port is already in use: (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443 I had SSL working for a single domain but now that I've added the second, I get a browser warning about the cert not belonging to the domain. How do I get both domains to work using virtual host containers?

    Read the article

  • activesync not working with forms based authentication

    - by Chad
    I have an Exchange 2003 SP2 single backend server with an SSL cert. I was having trouble getting OMA to work so I found a MS article about making a reg hack and creating a new Exchange-OMA virtual directory. I am able to connect and access content from my mailbox by using secure mail.domainname.com/oma and using my credentials. ActiveSync was not working on a Windows mobile phone or iPhone. I found another article about using Forms Based Authenication and SSL on a single Exchange server environment and the fix was to elliminate FBA and SSL for the Exchange virtual directory. That allows ActiveSync to now work. I have very few mobile users, but they are management, so I need to make ActiveSync work but I would like to get back to using SSL. http://support.microsoft.com/kb/817379 Any ideas about this setup? Thanks.

    Read the article

  • Using client certificates with wget

    - by Doc
    I cannot get wget to use the client certificates. The documentation speaks about using the --certificate flag. The use of the certificate flag is clear, I set it to use the PEM version of the client certificate. But when I connect I get the following error: HTTP request sent, awaiting response... Read error (error:14094410:SSL routines: SSL3_READ_BYTES:sslv3 alert handshake failure; error:140940E5:SSL routines:SSL3_ READ_BYTES:ssl handshake failure) in headers. Giving up. ssl handshake failure means the client did not supply a correct client cert. Still the client cert I use, works in a browser. Note: When I disable client authentication on the server, wget can connect. Note: The use of curl is suggested, but I'd like to avoid the switch.

    Read the article

  • Using client certificates with wget

    - by Doc
    I cannot get wget to use the client certificates. The documentation speaks about using the --certificate flag. The use of the certificate flag is clear, I set it to use the PEM version of the client certificate. But when I connect I get the following error: HTTP request sent, awaiting response... Read error (error:14094410:SSL routines: SSL3_READ_BYTES:sslv3 alert handshake failure; error:140940E5:SSL routines:SSL3_ READ_BYTES:ssl handshake failure) in headers. Giving up. ssl handshake failure means the client did not supply a correct client cert. Still the client cert I use, works in a browser. Note: When I disable client authentication on the server, wget can connect. Note: The use of curl is suggested, but I'd like to avoid the switch.

    Read the article

  • nginx - 403 Forbidden

    - by michell90
    I've trouble to get aliases working correctly on nginx. When i try to access the aliases, /pma and /mba (see secure.example.com.conf), i get a 403 Forbidden but the base url works correctly. I read a lot of posts but nothing helped, so here i am. Nginx and php-fpm are running as www-data:www-data and the permissions for the directories are set to: drwxrwsr-x+ 5 www-data www-data 4.0K Dec 5 22:48 ./ drwxr-xr-x. 3 root root 4.0K Dec 4 22:50 ../ drwxrwsr-x+ 2 www-data www-data 4.0K Dec 5 13:10 mda.example.com/ drwxrwsr-x+ 11 www-data www-data 4.0K Dec 5 10:34 pma.example.com/ drwxrwsr-x+ 3 www-data www-data 4.0K Dec 5 11:49 www.example.com/ lrwxrwxrwx. 1 www-data www-data 18 Dec 5 09:56 secure.example.com -> www.example.com/ Im sorry for the bulk, but i thought better too much than too little. Here are the configuration files: /etc/nginx/nginx.conf user www-data www-data; worker_processes 1; error_log /var/log/nginx/error.log; #error_log /var/log/nginx/error.log notice; #error_log /var/log/nginx/error.log info; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; keepalive_timeout 65; include /etc/nginx/sites-enabled/*; } /etc/nginx/sites-enabled/secure.example.com server { listen 80; server_name secure.example.com; return 301 https://$host$request_uri; } server { listen 443; server_name secure.example.com; access_log /var/log/nginx/secure.example.com.access.log; error_log /var/log/nginx/secure.example.com.error.log; root /srv/http/secure.example.com; include /etc/nginx/ssl/secure.example.com.conf; include /etc/nginx/conf.d/index.conf; include /etc/nginx/conf.d/php-ssl.conf; autoindex off; location /pma/ { alias /srv/http/pma.example.com; } location /mda/ { alias /srv/http/mda.example.com; } } /etc/nginx/ssl/secure.example.com.conf ssl on; ssl_certificate /etc/nginx/ssl/secure.example.com.crt; ssl_certificate_key /etc/nginx/ssl/secure.example.com.key; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; /etc/nginx/conf.d/index.conf index index.php index.html index.htm; /etc/nginx/conf.d/php-ssl.conf location ~ \.php$ { try_files $uri =404; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_index index.php; fastcgi_param HTTPS on; fastcgi_param SCRIPT_FILENAME $request_filename; include fastcgi_params; } /var/log/nginx/secure.example.com.error.log 2013/12/05 22:49:04 [error] 29291#0: *2 directory index of "/srv/http/pma.example.com" is forbidden, client: 176.199.78.88, server: secure.example.com, request: "GET /pma/ HTTP/1.1", host: "secure.example.com" EDIT: forgot to mention, i'm running CentOS 6.4 x86_64 and nginx 1.0.15 Thanks in advance!

    Read the article

  • Remove all HTTP bindings from an IIS 6 site while leaving SSL bindings

    - by MikeBaz
    We have a (remote, via a reseller) customer who configured their IIS6 server to not have any port 80 HTTP bindings, only port 443 SSL bindings. We would like to reproduce this without going through the three layers (!) to get to the customer to test some error scenerios. However, whenever I try to get IIS to not listen on IIS at all, I can't do it. If I do it in the UI, either leaving in the main properties page, or in the advanced bindings page, the UI does not let me proceed. If I remove the HTTP ServerBindings from the metabase.xml directly, IIS makes it port 80, all unassigned addresses anyway. Is there a way to get to the "SSL only" state naturally? Please note I am NOT talking about the "require SSL" checkbox or underlying metabase setting, as that still listens on port 80 (or whatever) to give the "SSL required" error message. I'm talking about not having any bindings listed at all for HTTP.

    Read the article

  • PCI scan findings and problems with week ciphers on ports 993,443,995,465

    - by user64991
    From PCI scan results: Synops is : The remote service encrypts traffic using a protocol with known weaknesses . Description : The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients . See also : http://www.schneier.com/paper-ssl.pdf Solution: Consult the application's documentation to disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. Risk Factor: Medium / CVSS Base Score : 2 (AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N) I have tried to change SSLProtocol all -SSLv2 to SSLProtocol -ALL +SSLv3 +TLSv1 And SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW To SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:!MEDIUM:!LOW:!SSLv2:!EXPORT But using SSLdigger, it shows the same result. Is this the right way to do something like this?

    Read the article

  • PHP failing to connect to GMail via IMAP [Edited!!]

    - by Alexander
    I have some php code that I'm trying to use to connect to gmail using imap. Here's the code: $hostname = '{imap.gmail.com:993/imap/ssl/novalidate-cert}INBOX'; $tmp_username = 'username'; $tmp_password = 'password'; $inbox = imap_open($hostname, $username, $password) or die(imap_last_error()); And I get this error output everytime i try to connect: Warning: imap_open() [function.imap-open]: Couldn't open stream {imap.gmail.com:993/imap/ssl/novalidate-cert}INBOX in /var/www/PHP/EmailScript.php on line 14 Login aborted I dont understand what could be wrong!! I've heard of people having SSL errors but this doesnt seem to be one of those. Please please please help me!!!!! Edit: When trying to connect to imap.gmail.com through telnet-ssl i get the following output: Trying 74.125.155.109... Connected to gmail-imap.l.google.com. Escape character is '^]'. And Nothign else happens

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 58 59 60 61 62 63 64 65 66 67 68 69  | Next Page >