Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cPanel ssl - connection limits?

Discussion in 'Security' started by marklcfc, Feb 20, 2017.

  1. marklcfc

    marklcfc Registered

    Joined:
    Feb 20, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Leicester
    cPanel Access Level:
    Website Owner
    I am experiencing issues since moving to a https / secure connection. Once it gets to the point I have 900-1000 on my site (going by real time stats on analytics) my site stops loading properly up despite server load and memory usage being low. It says 'establishing secure connection' for around 20-30 seconds and then times out.

    I don't believe this happened before I switched to https. It only starts to load properly again once the number is reduced to aroud 800.

    Does the free cPanel certificate that my hosts use have any limits that could cause this? Any ideas why this happens?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The certificates offered through cPanel do not limit the amount of visitors to your website. Do you notice any output to /usr/local/apache/logs/error_log when this happens?

    Thank you.
     
  3. asmithjr

    asmithjr Well-Known Member

    Joined:
    Jun 13, 2003
    Messages:
    503
    Likes Received:
    4
    Trophy Points:
    168
    I'm having this same issue. I checked the apache error_log and see
    Code:
    [Wed May 03 14:40:54.041639 2017] [ssl:error] [pid 16360] (101)Network is unreachable: [client 50.246.8.121:24575] AH01974: could not connect to OCSP responder 'ocsp.comodoca.com'
    [Wed May 03 14:40:54.041732 2017] [ssl:error] [pid 16360] AH01941: stapling_renew_response: responder error
    
     
  4. asmithjr

    asmithjr Well-Known Member

    Joined:
    Jun 13, 2003
    Messages:
    503
    Likes Received:
    4
    Trophy Points:
    168
    I just noticed also that I could not ping ocsp.comodoca.com.
     
  5. asmithjr

    asmithjr Well-Known Member

    Joined:
    Jun 13, 2003
    Messages:
    503
    Likes Received:
    4
    Trophy Points:
    168
    My issue is resolved. I have CSF running. When I disabled it everything works properly so I flushed everything and restarted.
    I seem to remember reading somewhere that something needed to be added for CSF but I've not found it.
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    I'm happy to see the issue is now solved. WHM's Manage AutoSSL feature requires outbound access to the store.cpanel.net server over port 443. Additionally, Comodo’s IP addresses should be able to reach your server. You may need to whitelist them in your firewall:

    178.255.81.12
    178.255.81.13
    91.199.212.132
    199.66.201.132

    Thank you.
     
Loading...

Share This Page