How do I prevent apache from binding to port 443? HTTPS support is not needed so only want apache to bind to port 80
My /etc/apache/httpd.conf has port 80, but no mention of 443 anywhere, yet netstat reveals it binding to port 443
I have apache 1.3.29.0.2-5 on Debian Linux (knoppix)
My customer using exchange on internal office, the https port conflict with their work. how do I disable https port on their domain?
I am using plesk 11.x and I have about 300 domains on it.
I am having the hardest time binding my domain name to my Apache server. If I use the IP address, I can access it just fine even outside of my network. But when I try to bind my domain name to that exact same IP address it just does not work.
I am running Apache 2.0.64 on Windows 8 and my domain name is registered at Name.com. I have contacted them to and I am awaiting a response but they are really backlogged right now and I thought it wouldn't hurt to post here as well. Besides, I thought it might have something to do with my Apache config file anyways and I wanted to make sure.
I have set up an Apache web server that has ssl enabled. If I go to https://myserver.com I get the 'it works!' page and the certificate is valid and trusted. If I go to https://myserver.com/myapp that also works (it's an Oracle weblogic deployed java app that I'm fronting with Apache).
I would like to configure Apache so that when a user goes to simply https://myserver.com it automatically directs them to https://myserver.com/myapp rather than showing the 'It works!' page. I have read some documentation and experimented with setting a redirect via the https.conf file and even the ssl.conf file but nothing seems to work. I either get a 404 or simply the 'It works! page.
how to catch request over http and forward them to https, I have VPS/Plesk and I was wondering how to do that.
Also, what do you think about having a sub domain on each client domain to access plesk, likes this:
[url]--> [url]
I'm runnung a server with Apache2 (Apache/2.2.16 (Debian 6.0))
I would like Apache2 listen on port 8080 for IPv4 and on port 80 for IPv6.
This is what I have now:
/etc/apache2/ports.conf
One failure cited by a recent PCI compliance report was that of the Plesk non-https login at port 8880. I believe we can resolve this by adding a firewall rule to block access to this port but wanted to check first if this will have any negative consequences elsewhere. Or is there a better way to achieve PCI compliance on this point?
View 2 Replies View RelatedI was wondering if it is possible to disable plesk redirect for clients domains on port 8443.I do not not want clients to to be able to access the plesk login screen when they visit exampleclientdomain.com:8443 but obviously i still want to be able to access my control panel e.g. myprimarydomain.com:8443. Is there something i can do to prevent the sites redirecting to my primary domain or am i better creating a htaccess rule to stop/redirect traffic on port 8443 ?
View 2 Replies View RelatedThe host is using a main IP. I can bind more IPs.
Shall I share same IP with host and web site or better sperate them for different IPs plus reverse IP for each of them.
I keep hearing that redirecting from http to https is not very secure [non-SSL to SSL]. Among other reasons, one reason is that the browser may continue to think it is communicating with non secure server and may not encrypt the data. Is it true? I hope not, I am using the following -
<VirtualHost 12.34.567.89:80>
ServerName www.mysite1234.com:80
Redirect / https://www.mysite1234.com/
</VirtualHost>
I have a problem with slow Apache 2.4.4. It's only related with https which is in general 5 time slower than the same site via http. I see this difference on the monitoring software which is measuring response time to http and https every 5 seconds. In some cases i got even timeouts in the browser on https while in the same time site is opening over http - slowly but opens always.
Apache runs on Win2k8 Enterprise, Version 2.4.4 x64 - VC10. Server is connected with quite poor internet connection as it's located in Africa. Despite of connection quality http is working properly all the time.
i have setup everything before using ssl without issue for using https url.Now I'm having issues for Apache 2.4.9.
In url https://tomysite.com i get
Not Found
I've just joined the group and new to Apache/php. I have just assembled a website in Joomla/vertumart and called petslovezone.com.au. I want to redirect all the request such as
1. http://xyz.com to https://xyz.com
2. http://www.xyz.com to https://xyz.com
3. xyz.com. to https://xyz.com
4. www.xyz.com to https://xyz.com
now know I have to change .htaccess "RewriteEngine On" section. What would be the best code to do all the above.
Apache Version2.4.10
PHP Version5.4.32
I'm using a turnkey image for smallmachineforum system, installed on amazon aws instance.
In the default configuration I can't use the http version of the site, only the https.
It does not seem to be a network issue, a telnet on port 80 opens.
The server is apache version 2.2.22, on a Debian 3.2.57-3+deb7u2 x86_64
Say I have two domains: example.com and example.net.
Upon a http request to example.com, I wish to redirect to https://example.com.
Upon either a http or https request to example.net, I wish to redirect to https://example.com.
Note that for both cases, subdomains should also be redirected, and the change should be considered permanent.
I've seem multiple ways to do so. What is the best way? How do I deal with subdomains when there is a new domain such as example.net to example.com?
I've taken a stab. How to fill in the gaps?
I am trying to find out if redirecting an https URL to an http URL will still provide the security of the original https? Should the page information for the redirected http page show it as being unencrypted or shouldn't it have the same encryption as the original https?
View 3 Replies View RelatedI´ve read that a whole https website might be better for SEO than just a mixed version. So I want to change the whole website to https.
We are using Plesk 12 on Win 2008 R2.
One Website is using DotNetNuke 7.3.2.
How can I automatically set the whole website to https?
What happens to the users that just type domainname.com without http or https.?
What is the right search engine friendly technique to permanently redirect to the https version even when the user is not using the application protocol prefix http/https?
Where can I do the setup in Plesk 12 fro Windows?
Are their any other drawbacks that I have to think over before I do the changes?
How to be able to fix my problem that is related to the https using apache2 (enabling https in apache2) at opensuse:
By the way, my opensuse version is:
openSUSE 12.1 (x86_64)
VERSION = 12.1
CODENAME = Asparagus
1) At the /etc/apache2/vhosts.d/vhost-ssl.conf, and if I do not have a name (as the server will be accessed using its IP address), can I place in the ServerName 192.168.0.5? Do I have to place it 192.168.0.5:443 or it is enough to be 192.168.0.5?
2) Is there a relation between the SSLCipherSuite values and the used method to generate the certificate?
3) I am afraid from the way that I am using to generate the certificate and the ssl module that is coming with apache2 at my machine which has opensuse. How can I select the right way?
Actually I used following commands to generate the .crt, .key and the .csr:
openssl genrsa -des3
openssl req -new -x509
openssl x509 -req
And that was from this link: [URL] .... But did not work with me !
Meanwhile I am placing:
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
4) Do I have to configure the virualhost? Do I have to create files under the directory /etc/apache2/vhosts.d? Because I will have one application to be browsed .. nothing more.
I'm trying to improve the performance of my website and noticed that https pages take really long to load:
[URL] ....
[URL] ....
It appears this problem is caused by using https, because when I open my site without https it loads pretty quickly.
[URL] ....
From what I can see it appears that the main problem is the time to first byte, so my question is how can I reduce this?
My virtualhost for SSL is set like this:
Quote:
<VirtualHost 46.249.47.12:443>
DocumentRoot "C:Program Files (x86)Apache Software FoundationApache24htdocssite 2"
ServerName www.elitegameservers.net
ServerAlias elitegameservers.net
ErrorLog "logs/xgclan.com-error.log"
[Code] ....
I have replaced the real paths with "PATH" for security reasons. How to reduce the time to first byte in general. I tried setting up memcache to accomplish this but I didn't notice any changes...
This is my mem cache config:
Quote:
<IfModule mod_mem_cache.c>
CacheEnable mem /
MCacheSize 10000000
MCacheMaxObjectCount 100000
MCacheMinObjectSize 1
MCacheMaxObjectSize 262144
</IfModule>
Update: Just ran the openssl speed command [URL] ....
I have a custom software that runs it's own webserver. I then found instructions on how to use apache2 as a proxy that will enable ssl for that site. (long story short, my custom software doesn't support ssl and it's not an option)
View 2 Replies View RelatedI recently got a SSL-certificate for my website. Now the old links to my website (using only http) doesnt work, the visitors just getting redirected to my index page. How can I change my .htaccess so both http and https works, but keep https as the preferred? Or even better, redirect old http links to https? I'm not using www.
My current .htaccess:
RewriteCond %{HTTPS} off
RewriteRule (.*) https ://%{HTTP_HOST}%{REQUEST_URI}
i want to redirect main domain http //, www request to https://
i added this code
RewriteCond %{HTTPS} off# First rewrite to HTTPS:# Don't put www. here. If it is already there it will be included, if not# the subsequent rule will catch it.RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]# Now, rewrite any request to the wrong domain to use www.RewriteCond %{HTTP_HOST} !^www.RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
In my apache conf file I redirect http to https requests like this:
Code:
# Redirect all requests to https
<VirtualHost *:80>
ServerName www.mypage.de
Redirect permanent / https://www.mypage.de/
</VirtualHost>
This worked just fine until yesterday, when I have updated to Apache 2.4 and disabled SSL 3 by doing this:
Code:
# Disable SSL 3 due to the POODLE vulnerability
SSLProtocol all -SSLv2 -SSLv3
Now, if I call any http URL, the server does not respond. If I explicitly call a https URL it works.
Apache2.4.6
apr-1.4.8
openssl-1.0.1c
arm-linux-gcc4.4.4
Recently I cross compiled Apache2.4.6 to run in my ARM cpu, and I found that http can work well if only it's own port such as 80 is listened, but if add one more port to be listened in conf file, http fails. That means http is good, but after https is on, http stop working and https is good. At the same time, I built the same apache2.4.6 in X86 gcc4.6.1, http and https can both work well. In addition, I also tried apache1.3.33 in the same ARM system, http and https can work well too. It seems like that in apache2.4.6, http can't work well if there is one more port listened in ARM system. Actually http port is listening and is established when using netstat to monitor it.
root@freescale /usr/local/apache/bin$ netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 :::www :::* LISTEN
tcp 0 0 :::443 :::* LISTEN
tcp 0 0 (null):www (null):3705 ESTABLISHED
tcp 0 0 (null):443 (null):3720 ESTABLISHED
I am using an apache reverse proxy :
httpd -version
Server version: Apache/2.2.15 (Unix)
Server built: Oct 16 2014 14:48:21
In front of an internet liferay server, I m forcing https connexion and my reverse proxy is the SSL endpoint, and it is working fine.
But inside the liferay page there are "http" link to other webserver, and browser are refusing to load them because they are http and not https.
Is there a way in the reverse proxy to rewrite "on the fly" "http" link to "https" so that everything would be load on the browser ?
I was thinking mod_proxy_html but it doesn't seams to do what I want.
I want to rewrite my all site urls from http to https and also preserve URL canonicalation like all url redirected to http://www. How to achieve this goal?
View 1 Replies View RelatedI'm currently struggling with an issue on our Apache 2.2.24 home-rolled installation on an OEL 6.2 x64 linux server that front-ends for a Glassfish cluster via proxypass.The httpd.conf manages 4 virtual hosts with each virtual host entry rewriting to HTTPS.
Anyone trying to access the HTTP address redirects to HTTPS just fine.The issue is that anyone using the HTTPS address gets redirected to the Document Root defined in Apache instead of being proxypassed to Glassfish.
I had set up a dummy DocumentRoot with a simple index.html meta redirect and what happens is that anyone directly accessing HTTPS will hit the index.html file which redirects to the the https site. At this point it simply loops to infinity.
I have Apache 2.2 using cPanel 11 how do I disable apache I was sure it was using this cmd, /etc/httpd/conf/httpd.conf off When I try that I get permission denied and im logged in with root! I also tried this /etc/httpd/conf/httpd.conf chmod 777 permission denied again. Anyways, I need to disable Apache so LiteSpeed will work and I can dump Apache the unforgiven pos that will dos it recieves a request to visit a webpage. (That is over doing it, Apache is really good just if it gets hit it's down easy.)
View 9 Replies View RelatedRecently I use suphp with fcgi on my cPanel Server. When I apply RLimitCPU for each vhost, I see that some scripts that potentially overloading the server is killed. I think this is a good way to control load on server.
But each time a php process killed, apache create a coredump files under users's directory that is large enough to fill user's space limit.
How to disable apache from creating core dump files?
I have try:
- set "ulimit -c 0" on users and root
- set "/proc/sys/fs/suid_dumpable" to 0
- set /etc/security/limits.conf with 0 limit for core parameter
- set CoreDumpDirectory to specific directory ...