We renewed our SSL certificate about two weeks before it expired, and pushed the new one to our servers.
All has worked well, but a very small percentage of users are complaining that they're seeing errors that the certificate is expired.
Is there some browser or something that would cache the old certificate client-side even past its expiry?
I am having a problem getting Apache to allow access to IE 6/7/8/9 users with client certificates installed to access restricted resources. I have several servers (Windows and Linux) running various versions of Apache from 2.0 through 2.4, all behave the same way. I am simply unable to get client certificates to authenticate IE users. how I built the CAchain, CRLs, etc.
Note that using the same client certs from Firefox works just fine, users can successfully authenticate to the resource and get content.
##### ssl.conf
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM
[Code]....
I have a dedicated server with 1gb ram, now I see 468.02 MB used for Cached memory, this is the first time. Why could this be? I have not changed any settings except for turning off safe mode for an account.
View 6 Replies View RelatedUsing version 0.9.5 with the default settings. The cache fills up the shared memory in less than a day. I noticed the cached script is stuck at 176, what happens after this? Will it cache content to disk in the temporary folder (/tmp/eaccelerator/) when the shared memory is full?
View 0 Replies View RelatedI have bough a dedicated server with 2GB Ram, i have installed Hypervm and so surpise when my server is using most of my memory.
I type cat /proc/meminfo
[root@srv ~]# cat /proc/meminfo
MemTotal: 1784832 kB
MemFree: 47576 kB
Buffers: 62976 kB
Cached: 1454172 kB
SwapCached: 84 kB
Active: 251024 kB
Inactive: 1347412 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 1784832 kB
LowFree: 47576 kB
SwapTotal: 2097144 kB
SwapFree: 2096988 kB
Dirty: 96 kB
Writeback: 0 kB
AnonPages: 81324 kB
Mapped: 26076 kB
Slab: 62488 kB
PageTables: 8844 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
CommitLimit: 2989560 kB
Committed_AS: 416152 kB
VmallocTotal: 34359738367 kB
VmallocUsed: 2252 kB
VmallocChunk: 34359735799 kB
Is this normal when Cached: 1454172 kB?
I recently reorganized my music site, putting my songs in their own directory (off of public_html), and now a couple of search engines are generating a boatload of 404 errors.
Can I redirect the file requests to the new location and, if so, how?
When running OWASP ZAP web security tool, I get the following flag: Secure page can be cached in browser. Cache control is not set in HTTP header nor HTML header. Sensitive content can be recovered from browser storage.
I was surprised since i had the no cache header in both html code and httpd header.
After investigating the flag, i noticed that the response was a generic 302 found error response from Apach (located in apache/src/modules/http/http_protocol.c).
I have added a patch to code when adding the cache-control & pragma html headers with no-cache - and that had solved the security flag (patch attached).
full response given:
header:
HTTP/1.1 302 Found
Date: Sat, 30 Nov 2013 10:44:40 GMT
Server: Apache
X-Frame-Options: DENY
Location: https://*****
Content-Length: 376
Content-Type: text/html; charset=iso-8859-1
body:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://******">here</a>.</p>
<hr>
<address>Apache Server at 10.209.0.81 Port 443</address>
</body></html>
In conclusion:
Issue is "Secure page can be cached in browser." (found by owasp zap) for https page response "302 Found" from Apache.
As many of you may know mod_cache does not cache directory index
files, this can be fixed with mod_rewrite but the index page of the domain (the homepage) seems to be impossible to cache it. The following rules cache the folders but not the homedir (this means that www.thedomain.com/folder is cached but www.thedomain.com is not):
DirectorySlash Off
RewriteEngine On
RewriteCond %{REQUEST_URI} ([^.*])
RewriteCond "%{DOCUMENT_ROOT}%{REQUEST_URI}/index.htm" -f
RewriteRule "^(.*)$" "$1/index.htm" [NC,L]
RewriteCond %{REQUEST_URI} ^([^.*])$
RewriteCond "%{DOCUMENT_ROOT}%{REQUEST_URI}/index.html" -f
RewriteRule "^(.*)$" "$1/index.html" [NC,L]
RewriteCond %{REQUEST_URI} ^([^.*])$
RewriteCond "%{DOCUMENT_ROOT}%{REQUEST_URI}/index.php" -f
RewriteRule "^(.*)$" "$1/index.php" [NC,L]
Note that DirectorySlash should be off (or mod_dir not loaded) in
order to work also with URL that end with no slash
As I said before this will work for any folder but it does not work for public homedir
directory. So when a user visit [url] it does not
work (unless you type the name of the index file: [url]
For me it is critical to make this work in someway, the index homepage
is the main page that needs to be cached in my case (and in many
others).
Do you know any solution for this? I found the first message about
this in the Internet in 2002 but I'm using last version of apache
httpd and still does not work.
If you have no idea about how to fix it, maybe you know some other easy alternative. Lighttpd + mod_cache + mod_deflate are not compatible: "mod_cache can be used in conjunction with other lighttpd plugins (except mod_deflate and mod_secdownload)"
The upgrade has an error when manage the users database.
PRODUCT, VERSION, VERSION OF MICROUPDATE, OPERATING SYSTEM, ARCHITECTURE
OS Microsoft Windows Server 2008 R2 Service Pack 1 x64
Panel version 11.5.30 Update #13, last updated at Sept 1, 2013 03:30 PM
PROBLEM DESCRIPTION
In a costumer panel have a one database MSSQL, and assign to this DB 3 users, but the tab option "Users" don't work fot his costumer and show this error:
Error Javascript:
TypeError: template is null
this.template = template.toString(); in protototype.js 8472831 (lÃnea 807)
ACTUAL RESULT
Error Javascript:
TypeError: template is null
this.template = template.toString(); in protototype.js 8472831 (lÃnea 807)
EXPECTED RESULT
Show users in the tab users for database.
On my server, users can connect to any database as long as they have the database user and password. This makes it easier to hack any database on the server.
What I want to do is to make the users can only connect to their own databases and not other's.
I tried changing the localhost ip address but it didn't work ( I assume I didn't do it the right way)
I need to setup SSL.
I've never used SSL on any of my websites and I've never really understood how the certificates work.
I understand that SSL is used as a secure connection protocol (https://) and that it needs a valid certificate so that the encrypted data transfer can be committed.
OK makes sence, but why do some websites seem to have such difficultly setting up valid certificates?
You can setup SSL by with Apache + OpenSSL, but why do website hosting providers still allow you to purchase SSL certificates (isn't it supposed to be free)?
Finally, is it possible to setup SSL for a multiple-domain (Victual Host) server?
I have a client who requested me to do a website for his credit union company.
Some of the pages are forms that require customers to enter crucial information ie ssn etc etc. I told him that this can be broken into..and therefore he would need a secure way of transmitting this information. Therefore would the SSL certificate work for this issue? Where do i get one? We have a dedicated server and do i need to configure anything on that? Where can i get a trusted SSL Certificate, and ofcourse help to install it.
if you could recommend a place to get a certificate... I have seen many people talking about that you could get a rapidSSL for $15 +/- , but I was not able to find any sites that low.
View 14 Replies View RelatedA year ago I bought a Geotrust quick SSL vertificate from my dedicated server host for about 299.
Now I see companies like server tastic selling the same Geotrust cert for $79 ehen Geotrusts website is still $299. How can that be? what am I missing here.
who offers the best package?
View 5 Replies View RelatedIf your provider has a self-signed ssl.. anyway you can import those into clients like Outlook or Windows Mail (formerly OE6 on XP)
To stop the nagging prompts.. or is there a setting to stop prompts?
I purchased an EV SSL Cert, and all is fine. Installed via cPanel, and I get the green address bar in Firefox, but not in IE.
Comodo (the vendor) have an Auto-Enhancer feature which automatically tells IE to give me a green bar. They state in their FAQ the following instructions to install the feature:
Replace the bundle file that is in use for the web site.
Use the 'SSLCertificateChainFile' directive instead of the 'SSLCACertificateFile'/'SSLCACertificatePath' directives.
I have download a .CA-BUNDLE file from them.
Please tell me, now what do I do? I am at a lost at their instuctions, and going by my dealings with them, I think I can get help from you guys more accurately and quickly.
The server runs WHM/cPanel 11 with Apache 2 with mod_ssl. Full root access, but I am a Linux newbie.
I do web hosting (reseller); how much, in USD per year, do you think is a "reasonable" fee to charge clients for a shared SSL connection ?
The SSL is going to cost me $$ per year and I may have some use for it, but if clients want a shared SSL, instead of buying their own, I need to apportion the costs I incur somehow, and (maybe) make some small profit. I see the shared SSL as more of a service, but clients should pay _some_ $$ if they want to use one.
Any ideas on how much I should charge, please ?
Thanks,
Peter
I'm just looking for some background information or a place where I can learn more about this.
Here's the problem:
The web site runs on a dedicated Apache server. There's 2 SSL certificates installed, one for e-commerce for https://www.mysite.com and one to help with the administrative interface for https://admin.mysite.com. I run a custom php application that forces the web page from http://www.mysite.com to https://www.mysite.com when going to an e-commerce page.
Generally everything runs Ok but a few times this year there has been a problem where the php application points to https://www.mysite.com/ecom.php but instead it gets https://admin.mysite.com/ecom.php and gets a page not found.
In discussing this with my web hosting company they claim they haven't changed anything but they do manage to fix the problem and get the web site working correctly again.
I generally figure that the web hosting company has done some type of maintenance on the web server and messed-up the dns entries or something for the SSL part of the web site but this is really outside my area of experience. I'm trying to understand what went wrong and where the entries are that determine when going to SSL which SSL certificate/URL is used.
I want to know how to install SSL Certificate and what kind of certificates available. How they work? Is there any cheap and good certificate.
View 5 Replies View RelatedMy website is currently running on http and the plesk control pannel is running on https
However the certificate for https for the plesk panel is out of date and self signed therefore web browsers promit its not valid.
I want to get a valid SSL certificate for https for Plesk, Client/Billing area and the main website.
I want to do it as easy as possiable (as I'm not one for technical stuff but if it was resoniable I could give it a go)
I dont want a self signed and want to try to go for something free or very cheap.
Any got any suggestions? I've looked around and come up with companys wanting alot of money I did come across another which was free but it was self signed.
I currently have a reseller accounts from Thawte, Comodo, and RapidSSL, but have realized that I can purchase Comodo and Geotrust SSL certificates cheaper from Namecheap.com and Enom.com
Namecheap.com support is (as always) superb. Any opinions from Enom.com support?
What about Resellerclub.com? I know that they recently started to sell Thawte certs at very good prices. How good is their support?
I have an ssl certificate installed on my main server. How can I encrypt a page on a website hosted on that server sharing the certificate?
View 11 Replies View RelatedTo cut costs I'm planning on eliminating my VPS and will just host the few sites that I have on my home-office network. However I have 1 site that requires a SSL certificate. Is there an inexpensive solution for doing this that doesn't cost into the thousands per year?
View 14 Replies View RelatedAny recommendations on the cheapest ssl certificates out there.
View 7 Replies View RelatedIf you use SSL certificate, how much do you pay for it per year?
Allwebnow.com offers it for $99.99 per year.
Can an SSL certificate be issued to any tld. Does country matter etc?
View 2 Replies View RelatedI am continuously getting this error message in my error_logs
Invalid method in request x16x03x01
I searched and found out that it is something to do with httpd.conf configurations and SSL. So I asked my provider to check it and solve. First they acknowledge that it was SSL issue but later I was told
Quote:
Since cPanel controls how the virtualhosts are configured this error most likely cannot be fix since cPanel will just revert the change. ..... The SSL connection with the selfsigned cert works beyond kicking out the error, but again cPanel controls the httpd.conf and how the * virtualhosts are configured.
So my question is, Is it common to have this error message with a cPanel VPS?
Is there any solution?
I think I hit this error every time when I login to WHM or cPanel of every domain.
Should this be fixed or it's not exactly an issue.
I am trying to add some new features to my hosting business and have a couple of questions. I have cpanel/whm and clientexec. I would like to offer shared ssl to my customers but don't know how to set that up. Also, how do this hosting companies offer free ad credits to yahoo and google? Is that something you talk to yahoo and google about setting up or what?
View 4 Replies View Related