cPanel ssl - connection limits?

M

marklcfc

Registered
Feb 20, 2017
1
0
1
Leicester
cPanel Access Level
Website Owner
I am experiencing issues since moving to a https / secure connection. Once it gets to the point I have 900-1000 on my site (going by real time stats on analytics) my site stops loading properly up despite server load and memory usage being low. It says 'establishing secure connection' for around 20-30 seconds and then times out.

I don't believe this happened before I switched to https. It only starts to load properly again once the number is reduced to aroud 800.

Does the free cPanel certificate that my hosts use have any limits that could cause this? Any ideas why this happens?
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,268
463
Hello,

The certificates offered through cPanel do not limit the amount of visitors to your website. Do you notice any output to /usr/local/apache/logs/error_log when this happens?

Thank you.
 
A

asmithjr

Well-Known Member
Jun 13, 2003
516
8
168
I'm having this same issue. I checked the apache error_log and see
Code: 
[Wed May 03 14:40:54.041639 2017] [ssl:error] [pid 16360] (101)Network is unreachable: [client 50.246.8.121:24575] AH01974: could not connect to OCSP responder 'ocsp.comodoca.com'
[Wed May 03 14:40:54.041732 2017] [ssl:error] [pid 16360] AH01941: stapling_renew_response: responder error
 
A

asmithjr

Well-Known Member
Jun 13, 2003
516
8
168
I just noticed also that I could not ping ocsp.comodoca.com.
 
A

asmithjr

Well-Known Member
Jun 13, 2003
516
8
168
My issue is resolved. I have CSF running. When I disabled it everything works properly so I flushed everything and restarted.
I seem to remember reading somewhere that something needed to be added for CSF but I've not found it.
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,268
463
asmithjr said:
My issue is resolved. I have CSF running. When I disabled it everything works properly so I flushed everything and restarted.
I seem to remember reading somewhere that something needed to be added for CSF but I've not found it.
Click to expand...
I'm happy to see the issue is now solved. WHM's Manage AutoSSL feature requires outbound access to the store.cpanel.net server over port 443. Additionally, Comodo’s IP addresses should be able to reach your server. You may need to whitelist them in your firewall:

178.255.81.12
178.255.81.13
91.199.212.132
199.66.201.132

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
A AutoSSL not generating certificate for domains with previous external certificates (cPanel or ZeroSSL), even after expiration or deletion Security 1
B SOLVED CPANEL-42515 - PCI Scan complaint about Web Server Predictable Session ID Vulnerability with port 2087 / tcp over ssl Security 12
R Does the cPanel iOS app use an SSL connection? Security 2
N cPanel Won't Load SSL Connection Failed Security 6
ronaldst cPanel on unsecure connection while wildcard SSL Cert. installed Security 14
Similar threads
AutoSSL not generating certificate for domains with previous external certificates (cPanel or ZeroSSL), even after expiration or deletion
SOLVED CPANEL-42515 - PCI Scan complaint about Web Server Predictable Session ID Vulnerability with port 2087 / tcp over ssl
Does the cPanel iOS app use an SSL connection?
cPanel Won't Load SSL Connection Failed
cPanel on unsecure connection while wildcard SSL Cert. installed
Top Bottom