The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

https vs. http

Discussion in 'General Discussion' started by SupermanInNY, Dec 13, 2003.

  1. SupermanInNY

    SupermanInNY Well-Known Member

    Joined:
    Jul 19, 2003
    Messages:
    255
    Likes Received:
    0
    Trophy Points:
    16
    Hi all,

    Do all customers recieve https to thier site? (I don't mean to the control panel).
    Is there a way to limit that?
    Does it point to the same directory?

    Thanks,

    -Alon.
     
  2. Planet_Master

    Planet_Master Well-Known Member

    Joined:
    Apr 18, 2002
    Messages:
    233
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    New Yorker
    https is the secure server. Would only work if you have an SSL certificate installed on the server. And if so it will go to the same desired page but secured using 128-bit SSL technology.
     
  3. SupermanInNY

    SupermanInNY Well-Known Member

    Joined:
    Jul 19, 2003
    Messages:
    255
    Likes Received:
    0
    Trophy Points:
    16
    Ok.. following that,.. if I install a certificate on the server, can it be shared?
    Is there a way to provide https access to specific clients, but not with their own certificate?

    Thanks,

    -Alon.
     
  4. Planet_Master

    Planet_Master Well-Known Member

    Joined:
    Apr 18, 2002
    Messages:
    233
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    New Yorker
  5. SupermanInNY

    SupermanInNY Well-Known Member

    Joined:
    Jul 19, 2003
    Messages:
    255
    Likes Received:
    0
    Trophy Points:
    16
    I'm still a newbie, so forgive my lack of knowledge about few (well lots) of basic functionalities withinWHM:

    1. What would be a good design for offering secure access to clients:

    https://client1.hostname/whatevertheywantpagehere

    and can I provide them with shell jailed access to their private directory, such that they cannot go outside their client1 subdomain directory using a shell or ftp acct?

    2. With open_ssl in mind, my installed version is indicated as 0.9.7a. Already out is version 0.9.7c which has some fixes to some exploits.
    Can I, should I go about upgrading it outside cPanel updates?

    Thanks for the quick reply.

    -Alon.
     
  6. Planet_Master

    Planet_Master Well-Known Member

    Joined:
    Apr 18, 2002
    Messages:
    233
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    New Yorker
    Your hostname would be the name of your server, for instance:

    server.domain.com

    so you would generate a certificate signing request in WHM for server.domain.com, just replace with your servers name.

    Then your members can use the cert once installed by using the link https://server.domain.com/~theirusername/anypage

    You can also offer a secure server from something like secure.domain.com but you would need to create the DNS zone for secure.domain.com as well.

    You can upgrade open_ssl but I would wait untill it is under layer 1 in the apache builds to make sure it is completely compatible. Also jail your users with SSH for added security from WHM "manage shell access"

    When creating and purchasing the cert PLEASE make sure you choose the correct web server type! Contact your web hosting provider if not sure. For instance we use Apache + MOD SSL

    Certs from GEOtrust are the best and fastest with instant cert generation after the ordering process. They are $149.00 I believe at their site but you can get them for cheaper as we offer the same cert for only $50/year
    http://www.planetgac.net/sslsecure.shtml
     
Loading...

Share This Page