Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

cPanel ssl - connection limits?

Discussion in 'Security' started by marklcfc, Feb 20, 2017.

  1. marklcfc

    marklcfc Registered

    Joined:
    Feb 20, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Leicester
    cPanel Access Level:
    Website Owner
    I am experiencing issues since moving to a https / secure connection. Once it gets to the point I have 900-1000 on my site (going by real time stats on analytics) my site stops loading properly up despite server load and memory usage being low. It says 'establishing secure connection' for around 20-30 seconds and then times out.

    I don't believe this happened before I switched to https. It only starts to load properly again once the number is reduced to aroud 800.

    Does the free cPanel certificate that my hosts use have any limits that could cause this? Any ideas why this happens?
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,532
    Likes Received:
    1,966
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    The certificates offered through cPanel do not limit the amount of visitors to your website. Do you notice any output to /usr/local/apache/logs/error_log when this happens?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. asmithjr

    asmithjr Well-Known Member

    Joined:
    Jun 13, 2003
    Messages:
    510
    Likes Received:
    5
    Trophy Points:
    168
    I'm having this same issue. I checked the apache error_log and see
    Code:
    [Wed May 03 14:40:54.041639 2017] [ssl:error] [pid 16360] (101)Network is unreachable: [client 50.246.8.121:24575] AH01974: could not connect to OCSP responder 'ocsp.comodoca.com'
    [Wed May 03 14:40:54.041732 2017] [ssl:error] [pid 16360] AH01941: stapling_renew_response: responder error
    
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. asmithjr

    asmithjr Well-Known Member

    Joined:
    Jun 13, 2003
    Messages:
    510
    Likes Received:
    5
    Trophy Points:
    168
    I just noticed also that I could not ping ocsp.comodoca.com.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. asmithjr

    asmithjr Well-Known Member

    Joined:
    Jun 13, 2003
    Messages:
    510
    Likes Received:
    5
    Trophy Points:
    168
    My issue is resolved. I have CSF running. When I disabled it everything works properly so I flushed everything and restarted.
    I seem to remember reading somewhere that something needed to be added for CSF but I've not found it.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,532
    Likes Received:
    1,966
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    I'm happy to see the issue is now solved. WHM's Manage AutoSSL feature requires outbound access to the store.cpanel.net server over port 443. Additionally, Comodo’s IP addresses should be able to reach your server. You may need to whitelist them in your firewall:

    178.255.81.12
    178.255.81.13
    91.199.212.132
    199.66.201.132

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice