Search Results

Search found 6253 results on 251 pages for 'apache2 ssl'.

Page 84/251 | < Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >

• Nginx Forward SSL for single site

  - by Will.brown

  I have a nginx server setup and it works fine for http however i would like to bypass the proxy for https connection. I want it so that when someone goes to my ip https:// ip1 (Nginx server) it bypasses ngix and forwards all traffic to https:// ip2(webserver) i do not need ngix to do this for any ssl website just one particular website. SO Client to https:// ip1 to https:/ /ip2 to https:// ip1 to client pc I just want the nginx to not intercept the connection and forward it on and on return forward the connection to client Im guessing i do this by nat mascarade buy not exactly sure how to do it and if i will need to tell nginx to ignore ssl aswell can someone help me please this has gone me stuck

  Read the article

• How to handle user accounts for many sites running on same server

  - by Simon Courtenage

  Background to this question: I want to host multiple e-commerce sites on the same server, each with their own separate customer login application. Each site's login application needs to be secured by SSL. I'm unsure how best to handle this. For example, do I need to acquire a separate SSL certificate for each site (in which case, how do I do this dynamically, as the sites are created), or do I handle this using ONE login gateway-style application, which handles it on behalf of all the sites via a kind of transparent redirect? I'd be grateful for any pointers or advice. Thanks.

  Read the article

• Naming standard for additional A records/IP addresses for IIS servers?

  - by serialhobbyist

  When you're adding another IP address to and IIS server, what naming standards do you use for the A records? Background: I've a bunch of sites on an IIS server which use (CNAME'd) host-headers and a single IP address. Server names (and A records) adhere to unfriendly (as in difficult-to-remember) naming standards whereas CNAMEs, and therefore host-headers, can be friendly. Now I've a need for several SSL certificates for different sites. I was thinking about using an additional IP address for each to-be-SSL'd site but still using friendly CNAMEs. So then I come to what to call the A record. What do you do? Related to this question.

  Read the article

• Environment variables in Weblogic Managed Server with SSL nodemanager

  - by Eric Darchis

  We have a C legacy application start with JNI that requires environment variables. Not java -Djava.library.path -Dvar=foo as these are purely java. I need real environment variables. When we setup our domains, we usually use the SSH method to start the node managers. This works fine and the env variables are set properly. Recently the sysadmin has decided for a few reasons to use the SSL mode for nodemanagers. The servers start but the environment variables are not set. I checked with "pargs -e" (this is a Solaris machine) that the env variable was indeed not present from the nodemanager and for the managed server. Is SSL starting the managed server without running the .sh scripts or I am missing a parameter somewhere ?

  Read the article

• Forwarding 80 to 443 on Nagios woes

  - by Ethabelle

  I perhaps just need some extra insight because I don't see where I'm going wrong. I used an SSL Cert to secure our nagios server. We want to specifically require all traffic over nagios (like 2 users, lol) to use SSL. So I thought, oh, mod_rewrite + Rewrite Rule in .htaccess, right? So I went into the DocumentRoot and did a vi .htaccess (one didn't already exist) and then I put in the following rule; RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://our.server.org/$1 [R,L] This does absolutely nothing. Does nada. Whhhyy.. Note: AllowOverride all in httpd.conf is on. Also, I verified that the module is not uncommented out ... but note, I couldn't find the mod_rewrite module installed so I copied it over from another server and placed it in modules/mod_rewrite.so . It was weird because it was enabled in the httpd.conf file, but then didn't exist in modules ... I'm a baddie :(

  Read the article

• Apache2, can't apply Directory access

  - by skomak

  Hi, i can't figure out how apply deny access to a directory. Here is my config: <VirtualHost x.x.x.x:80> DocumentRoot /var/www/html/wwwhtml ServerName mydomain.com ServerAdmin [email protected] ErrorLog /var/log/httpd/mydomain_error.log TransferLog /var/log/httpd/mydomain_access_log Alias /test /var/www/html/wwwhtml/eventum <Directory /var/www/html/wwwhtml/eventum> Order deny,allow Deny from all #Allow from 192.168.0 </Directory> I deny access to /test but it doesn't work, on my another server it works perfectly :/ Do you know what can cause that problem? How to solve it? It is not whole config but the most important part. Maybe file rewrites can cause it? Thanks in advance.

  Read the article

• Apache2 and logrotate: delaycompress needed?

  - by j0nes

  Hello, I am currently looking at the file size of my Apache logs as they became huge. In my logrotate conf, I have delaycompress enabled. Does Apache really need this (as the logrotate documentation says that some programs still write in the old file) or is it safe to disable delaycompress? Best regards, Jonas

  Read the article

• postfix on same server as apache2 mysql php

  - by Sandro Dzneladze

  I've dedicated box that hosts wordpress blog with huge traffic. I need mail functionality for me and 2 other employees. I also need mail send capability for fail2ban and logwatch applications. I don't want to stress this box too much, so I wonder: How scure can postfix be? Will I stress server beyond needed with antivirus and mail filters? and postfix? Server is with 2gb ram, e5600 nothing fancy a simple pc.

  Read the article

• default domain and first domain in apache2 causing trouble

  - by acidzombie24

  I have 3 sites and a default/test site using mono's test page. I created aFirst, c, d, e, zLast. zLast has rewrite rules that should be evaluated last. Since the first VirtualHost seen is the default i set it to this --aFirst-- <VirtualHost *:80> ServerName www.domain.tld ServerAdmin webmaster@localhost DocumentRoot /var/www/test DirectoryIndex index.html index.aspx index.php MonoDocumentRootDir "/var/www/test" MonoServerPath rootsite "/usr/local/bin/mod-mono-server2" MonoApplications rootsite "/:/var/www/test" <Directory /var/www/test> MonoSetServerAlias rootsite SetHandler mono AddHandler mod_mono .aspx .ascx .asax .ashx .config .cs .asmx </Directory> </VirtualHost> The problem is my default page (the ip address of my server) and the first website (csite.ddomain.net) have problems (even though csite is defined in c and is not the first virtual host). The ip address of my server and csite.ddomain.net ALWAYS load the same site. Either monos test page or the csite. It flips every time i restart apache. Why isnt the server ip address always loading the default page (mono test page) and why isnt csite.ddomain.net always loading the site i want!?! Heres the config for --csite-- <VirtualHost *:80> ServerName csite.testdomain.net ServerAdmin webmaster@localhost ServerAlias s.csite.testdomain.net DocumentRoot /var/www/prjname DirectoryIndex index.html index.aspx MonoDocumentRootDir "/var/www/prjname" MonoServerPath rootsite "/usr/local/bin/mod-mono-server2" MonoApplications rootsite "/:/var/www/prjname" <Directory /var/www/prjname> MonoSetServerAlias rootsite SetHandler mono AddHandler mod_mono .aspx .ascx .asax .ashx .config .cs .asmx </Directory> </VirtualHost> aFirst, c, d, e, zLast are all enabled.

  Read the article

• embedded tomcat 7 behind iis 7.5 proxy ssl problems

  - by user1058410

  I'm using embedded tomcat 7 behind a iis 7.5 proxy server, with requests being forwarded to tomcat with arr. Everything works fine unless iis is set to require ssl. Then things like links that are generated dynamically in .jsp files on tomcat don't work right. For example if a link is supposed to point to _https://somewhere.com:443 it will be wrote as _http://somewhere.com:8080 (8080 is the port tomcat is running on). The problem seems to come from when tomcat looks at itself to build out the url it sees correctly that it is running on _http://somewhere.com:8080, but i need it to think otherwise. Does anybody know how to accomplish this without using ssl between iis and tomcat? Sorry for the underscores in front of the imaginary urls.

  Read the article

• apache2 Webdav using VirtualDocumentRoot

  - by picca

  I'm trying to get up dynamical WebDav on my virtual hosts <VirtualHost *:80> # http://www.example.com/test.txt -> /var/www/example.com/www/test.txt VirtualDocumentRoot /var/www/%-2.0.%-1.0/%-3+/ <Location /webdav> Dav On AuthType Basic AuthName "example.com" AuthUserFile /var/www/[PROBLEM-1]/passwd.dav Require valid-user </Location> </VirtualHost> Is there any way I can set dynamically PROBLEM-1 placeholder based on whatever comes with *HTTP_HOST*? More precisely part of it? Example: HTTP_HOST = www.example.com - PROBLEM-1 = example.com HTTP_HOST = example.com - PROBLEM-1 = example.com What I'm trying to do here is to load dav passwd file dynamically based on which domain is requested. It is something like "groups" if you wish. So that owner of domainA is not allowed to access files of domainB. So maybe there is some other solution based on AuthGroupFile directive?

  Read the article

• Safari, IIS and optional Client Certificates

  - by Philipp

  I've a ASP.Net Webapp running on IIS7.5. The Webserver is configured to accept Client Certifcates. Unfortunately Visitors with Safari Browser are unable to view the Page. Same Problem as described under the following link: http://www.mnxsolutions.com/apache/safari-providing-an-ssl-error-client-certificate-rejected%E2%80%9D-when-other-browsers-work.html Does anyone knows how to solve this? I'd really appreciate your help. edit: Seems to be the same problem: http://superuser.com/questions/231695/iis7-5-ssl-question-safari-users-get-a-prompt-of-certificate-to-select

  Read the article

• Is visiting HTTPS websites on a public hotspot secure?

  - by Calmarius

  It's often said that HTTPS SSL/TLS connections are encrypted and said to be secure because the communication between the server and me is encrypted (also provides server authentication) so if someone sniffs my packets, they will need zillions of years to decrypt if using brute force in theory. Let's assume I'm on a public wifi and there is a malicious user on the same wifi who sniffs every packet. Now let's assume I'm trying to access my gmail account using this wifi. My browser does a SSL/TLS handshake with the server and gets the keys to use for encryption and decryption. If that malicious user sniffed all my incoming and outgoing packets. Can he calculate the same keys and read my encrypted traffic too or even send encrypted messages to the server in my name?

  Read the article

• Client-side certificates

  - by walshms

  My company purchased a wildcard certificate from a vendor. This certificate was successfully configured with Apache 2.2 to secure a subdomain. Everything on the SSL side works. Now I'm required to generate x509 client-side certificates to issue for this subdomain. I'm following along this page: (http://www.vanemery.com/Linux/Apache/apache-SSL.html), starting with "Creating Client Certificates for Authentication". I've generated the p12 files and successfully imported them into Firefox. When I browse to the site now, I get an error in FireFox that says "The connection to the server was reset while the page was loading." I think my problem is coming from not signing the client-side correctly. When I sign the client-side certificate, I'm using the PEM file (RapidSSL_CA_bundle.pem) from RapidSSL (who we bought the certificate from) for the -CA argument. For the -CAkey argument, I'm using the private key of the server. Is this correct?

  Read the article

• "Countersigning" a CA with openssl

  - by Tom O'Connor

  I'm pretty used to creating the PKI used for x509 authentication for whatever reason, SSL Client Verification being the main reason for doing it. I've just started to dabble with OpenVPN (Which I suppose is doing the same things as Apache would do with the Certificate Authority (CA) certificate) We've got a whole bunch of subdomains, and applicances which currently all present their own self-signed certificates. We're tired of having to accept exceptions in Chrome, and we think it must look pretty rough for our clients having our address bar come up red. For that, I'm comfortable to buy a SSL Wildcard CN=*.mycompany.com. That's no problem. What I don't seem to be able to find out is: Can we have our Internal CA root signed as a child of our wildcard certificate, so that installing that cert into guest devices/browsers/whatever doesn't present anything about an untrusted root? Also, on a bit of a side point, why does the addition of a wildcard double the cost of certificate purchase?

  Read the article

• Which modules can be disabled in apache2.4 on windows

  - by j0h

  I have an Apache 2.4 webserver running on Windows. I am looking into system hardening and the config file httpd.conf. There are numerous load modules and I am wondering which modules I can safely disable for performance and / or security improvements. Some examples of things I would think I can disable are: LoadModule cgi_module others like LoadModule rewrite_module LoadModule version_module LoadModule proxy_module LoadModule setenvif_module I am not so sure they can be disabled. I am running php5 as a scripting engine, with no databases, and that is it. My loaded modules are: core mod_win32 mpm_winnt http_core mod_so mod_access_compat mod_actions mod_alias mod_allowmethods mod_asis mod_auth_basic mod_authn_core mod_authn_file mod_authz_core mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_dav_lock mod_dir mod_env mod_headers mod_include mod_info mod_isapi mod_log_config mod_cache_disk mod_mime mod_negotiation mod_proxy mod_proxy_ajp mod_rewrite mod_setenvif mod_socache_shmcb mod_ssl mod_status mod_version mod_php5

  Read the article

• Rolling Apache2 log files

  - by Andrew B

  I'm using a Collabnet svn distribution on linux, and the log files are configured through the standard apache httpd.conf. It's been a while since I dealt directly with apache, but my memory and google seem to indicate that the only way to rotate apache log files is outside of apache, using a periodic script. Is there some convenient way I'm missing to rotate these?

  Read the article

• Apache2 403 permission denied on Ubuntu 12.04

  - by skeniver

  I have a sub-directory in my /var/www folder called prod, which is password protected. It was all working fine until I asked my server admin to help me set up allow all access to one particular file. Now the entire folder is just giving me a 403 error. This is the sites-enabled file: <VirtualHost *:80> ServerAdmin [email protected] # Server name ServerName prod.xxx.co.uk DocumentRoot /var/www/prod <Directory /var/www/prod> Options Indexes FollowSymLinks MultiViews +ExecCGI Includes AllowOverride None Order allow,deny AuthType Basic AuthName "Please log in" AuthUserFile /home/ubuntu/.htpasswd Require valid-user </Directory> <Directory /var/www/prod/xxx/cgi-bin/api.pl> Allow from All Satisfy Any </Directory> ScriptAlias /xxx/cgi-bin/ /var/www/prod/xxx/cgi-bin/ ErrorLog ${APACHE_LOG_DIR}/prod.xxx.error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/prod.xxx.access.log combined </VirtualHost> Now he's unsure why this is blocking me out completely. No permissions have been changed, but this is the /var/www/ folder: 4 drwxr-xr-x 2 root root 4096 Jan 3 21:10 images 4 drwxr-sr-x 4 root www-data 4096 Mar 31 14:47 jslib 4 drwxr-xr-x 7 root root 4096 Jun 2 13:00 prod When I try to visit http://prod.xxx.co.uk, I don't get asked for the password; I just get 403'd I hope I've given enough information... Anyone able to spot something he can't?

  Read the article

• HTTPS subdomain does not load site under HTTP

  - by Mark Lawrence

  I recently installed an SSL certificate on a subdomain following the steps at cPanel. Lets just say the domain is example.com and the subdomain is sub.example.com. I updated the userdata file for the subdomain and changed the IP address to the IP I wanted to use I updated the example.com zone file and changed the IP for the A Name for the subdomain to the IP I wanted to use Using domain tools I checked that sub.example.com resolved to the new IP which it does. I then installed an SSL certificate on example.com and then on sub.example.com When I visit http://sub.example.com I get the default Apache account screen, and when I visit https://sub.example.com I get the cPanel 404 page. If however I enter https://sub.example.com/admin (the location of my admin section) the page loads and I can login. I thought that this might be a propagation issue however as the subdomain resolves to the IP and I can reach the admin page I suspect it is not a propagation issue and possibly an incorrect zone file. Any thoughts?

  Read the article

• All HTTPS, or is it OK to accept HTTP and redirect (secure vs. user friendly)

  - by tharrison

  Our site currently redirects requests sent to http://example.com to https://example.com -- everything beyond this is served over SSL. For now, the redirect is done with an Apache rewrite rule. Our site is dealing with money, however, so security is pretty important. Does allowing HTTP in this way pose any greater security risk than just not opening or listening on port 80? Ideally, it's a little more user-friendly to redirect. (I am aware that SSL is only one of a large set of security considerations, so please make the generous assumption that we have done at least a "very good" job of covering various security bases.)

  Read the article

• Apache2 WebServer not allowing me to view website/files in /var/www

  - by CitadelCSAlum

  I used to be able to access websites/files that were stored in the directory /var/www I have not used this for a while, but now I have a need to store, media in this directory or in the directory/var/www/images I noticed that my apache web server wasnt running correctly so I did a complete package removal and then reinstalled, but I am still unable to access a test page inde.html in the directory /var/www/index.html by going to http://myipaddresshere/index.html Is there some initial configuration I need to do to allow me to store HTML and media files in this directory and be able to access them from the browser? I dont remember having to do anything before.

  Read the article

• HTTP Subdomain Redirect to HTTPS automatically. Why?

  - by user139062

  I have 2 websites deployed in IIS 7.5 Express. The first website is the PRODUCTION website and the second is the TEST website. In the PRODUCTION website, I added an HTTPS binding and Require SSL so it is normal that it will force to redirect from HTTP to HTTPS. In the TEST website, I didn't add HTTPS binding and the Require SSL is disabled but I wonder why it still force to redirect from HTTP to HTTPS. Any idea why this happen? By the way, the PRODUCTION site uses the main domain (www.maindomain.com) and the TEST site uses only sub-domain (test.maindomain.com). I don't want the sub-domain to only use HTTP, not HTTPS. Thank you in advance.

  Read the article

• Authenticating SSL in Paros Proxy

  - by Chevi

  I need to inspect some traffic from my iPhone to debug an application, which is going and coming from an https address. Since I don't have a Mac at the moment, I tried with Paros proxy, which I had used before. It's working fine with http connections, but whenever I try to open a website with SSL encryption in Mobile Safari it says that the certificate is not trusted. I can "Continue" and it would work, but not on Applications. How can I set up a trusted certificate with Paros and the iPhone? Thanks in advance, Alex UPDATE: I'm going to try and create my own SSL certificate for testing with Windows' MakeCert UPDATE 2: For some reason I could get Windows SDK to install, so I haven't tried this yet...

  Read the article

• using main domain as a mail server

  - by zensys

  I have a mail server set up as mail.mydomain.com like most people do. Now I find out that if I want to secure both mail.mydomain.com and mydomain.com with ssl I need two SSl certificates (or one more versatile but more expensive certificate). Does it make sense to run my mail server under mydomain.com (it is the same physical machine anyway) to save certificate expenses (I am Dutch) or is this being pound foolish? What is the rationale of separating the mail server from the 'www' server apart from the intuitive 'neatness' appeal?

  Read the article

• Which modules can be disabled in apache2.4 on windows

  - by j0h

  I have an Apache 2.4 webserver running on Windows. I am looking into system hardening and the config file httpd.conf. There are numerous load modules and I am wondering which modules I can safely disable for performance and / or security improvements. Some examples of things I would think I can disable are: LoadModule cgi_module others like LoadModule rewrite_module LoadModule version_module LoadModule proxy_module LoadModule setenvif_module I am not so sure they can be disabled. I am running php5 as a scripting engine, with no databases, and that is it. My loaded modules are: core mod_win32 mpm_winnt http_core mod_so mod_access_compat mod_actions mod_alias mod_allowmethods mod_asis mod_auth_basic mod_authn_core mod_authn_file mod_authz_core mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_dav_lock mod_dir mod_env mod_headers mod_include mod_info mod_isapi mod_log_config mod_cache_disk mod_mime mod_negotiation mod_proxy mod_proxy_ajp mod_rewrite mod_setenvif mod_socache_shmcb mod_ssl mod_status mod_version mod_php5

  Read the article

< Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >