1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice

accessing domain via https:// completely fails

Discussion in 'Plesk for Linux - 8.x and Older' started by DarkHorizons, Sep 8, 2005.

  1. DarkHorizons

    DarkHorizons Guest

    0
     
    Hello,

    I have a site on my server that has SSL enabled and the cert appears to be installed and set up ok.

    The user has files in the /httpsdocs folder.

    The server is listening on port 443

    The httpd.include and conf files have the 443 entries for the IP address for this site. It is not a shared IP.

    When accessing the site via http:// (no ssl) it comes up fine.

    When accessing the site via https:// the browser will not bring up the site. It gives the 'cannot find server' error, like the entire site does not exist.

    I can't see anything out of the ordinary in the httpd log files or the log files for the site.

    Does anyone have any idea what the problem could be? I am completely out of ideas.

    Thanks in advance.
     
  2. acidbox

    acidbox Guest

    0
     
    Does your firewall have port 443 open?
     
  3. DarkHorizons

    DarkHorizons Guest

    0
     
    I thought that could be the problem as I didn't see 'https' in the INPUT list of iptables. So I added it in there and now I see:

    ACCEPT tcp -- anywhere anywhere tcp dpt:https

    Even after that, I still have the same problem.
     
  4. acidbox

    acidbox Guest

    0
     
    Strange Issue.

    If you have SSL Support enabled for the domain and it doesn't work, thats odd. Did you try using the "Default Certificate" instead of your own just to test?
     
  5. DarkHorizons

    DarkHorizons Guest

    0
     
    I had originally been using the default certificate with the same problems. It would be nice if the server generated an error somewhere but it is acting like it is completely ignoring the request.
     
  6. DarkHorizons

    DarkHorizons Guest

    0
     
    got it working.

    Strange though. The PLESK firewall settings didn't have a rule to open port 443.

    Even though I manually opened port 443 in iptables, it wouldn't work until I set it in the PLESK firewall and then activated that firewall, which of course then hosed all my other iptables rules that I had set up. nice... :(

    oh well.. this part is working and I have mod_security running to smash the script monkeys that normally exploit cgi and php holes.

    Whats the deal with this PLESK firewall? is it just ****?
     
  7. acidbox

    acidbox Guest

    0
     
    It's not so bad once you set it up, but it comes pretty open by default. Check out www.eth0.us for some good tips on server security. They recommend APF firewall. I use it on Ensim servers.
     
  8. DarkHorizons

    DarkHorizons Guest

    0
     
    Can APF be simply installed and run on top of already running firewall stuff? (like the plesk default settings)
     
  9. acidbox

    acidbox Guest

    0
     
    If you disable the Plesk firewall from inside the Panel, it is perfectly safe to install APF on your server. It is a pretty darn good firewall.

    Has a nice and easy install script too.

    If you follow the tutorial on the eth0.us website, it tells you what ports to open up (basically the same ones that the plesk firewall has open).
     
  10. DarkHorizons

    DarkHorizons Guest

    0
     
    I don't see an option to turn it off in the control panel.
     
  11. DarkHorizons

    DarkHorizons Guest

    0
     
    i do like the apf stuff though. looks very nice and super easy to install and configure.
     
Loading...