The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

https doesn't work on a site.

Discussion in 'General Discussion' started by dkz, Jul 6, 2005.

  1. dkz

    dkz Well-Known Member

    Joined:
    Sep 10, 2004
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    Hello,

    I have a website up that I recently installed a new SSL certificate and is on it's own IP but every few hours the https address becomes unreachable and the only way to get the site back up is to restart apache in WHM. I can still connect to WHM securely via IP address so I don't think it is anything with openSSL. What could it possibly be?

    Any help is greatly appreciated...
     
  2. mesalehi

    mesalehi Registered

    Joined:
    Jul 6, 2005
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    i have the same problem !!.
    i do any thing but i can not start a https.
    help me too.

    i know it is depend on server setting but i dont know which settings?
     
  3. DWHS.net

    DWHS.net Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,569
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    Ths happened to me but was caused by APF firewall, when I disabled it the server working o.k. again.
     
  4. dkz

    dkz Well-Known Member

    Joined:
    Sep 10, 2004
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    Well if APF is causing it, there has to be a workaround. Disabling the firewall is not an option... Why would APF disable only the https pages assuming port 443 is open?
     
    #4 dkz, Jul 6, 2005
    Last edited: Jul 6, 2005
  5. DWHS.net

    DWHS.net Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,569
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    Good question, It just happened yesterday. Half the work was blocked from my ssl connection but some where fine. I disabled APF and it seemed fine from the user that had the problem. The problem was a timed out issue which is strange since APF just blocks the connection not delays it. Yesterday on another server I had people all over the world not connecting to any pages on a server, yet when I disabled APF the server worked fine again.

    I am going to back to our old firewall for now.
     
  6. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    Just in case:

    To completely remove APF

    1) SSH to your server and run these commands:

    service apf stop
    /sbin/chkconfig --del apf
    iptables -F
    iptables --flush

    2) Remove cron jobs and entries:
    vi /etc/crontab
    rm -f /etc/cron.daily/fw
    rm -rf /etc/apf
    rm -f /etc/init.d/apf /var/log/apf*

    3) Check your config
    /sbin/chkconfig --list
    grep apf /var/log/cron
    grep bfd /var/log/cron

    4) Remove BFD be deleting its directory and conf files

    /path/to/ipaliases restart

    Hope this helps!
     
  7. DWHS.net

    DWHS.net Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,569
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    Shoot, I have to do this on about 25 servers today. Weren't you the one that said there is no free lunches. :p

    Complaints have been coming in all day! :eek:

    Thanks for the remove help.
     
  8. dkz

    dkz Well-Known Member

    Joined:
    Sep 10, 2004
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    I figured out my problem is with SIM (System Integrity Monitor) restarting apache without SSL support. I'm going to post a message on rfxnetworks to see how to get around this. Until then I'm going to remove the cron job for SIM.
     
  9. SherKhan

    SherKhan Member

    Joined:
    Nov 29, 2001
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Are you sure that port 443 is listed into your conf.apf file under the IG_TCP_CPORTS list?
    Be sure also to restart APF after modify the file.

    Hope this help.
     
Loading...

Share This Page