Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ssl/tls status output is blank

Discussion in 'Security' started by jndawson, Sep 1, 2017.

  1. jndawson

    jndawson Well-Known Member

    Joined:
    Aug 27, 2014
    Messages:
    167
    Likes Received:
    18
    Trophy Points:
    18
    Location:
    Western US
    cPanel Access Level:
    DataCenter Provider
    The 'SSL/TLS Status' on one of our cpanel boxes stopped working - page comes up with column headers and blank data (see attached). SSL certs appear as normal in all other links. Not sure when this happened - customer brought it to our attention this morning.

    This is true on all accounts we've checked (of about 550 that exist on this server). Also, the 'Advanced settings' toggle doesn't toggle or display anything. Rerunning autossl doesn't make a difference, and the scripts in /scripts/ don't appear to be related to correcting the problem.

    using v.66.0.18 on Centos 6.9 w/ EA3

    ssl_tls_status.png
     
    #1 jndawson, Sep 1, 2017
    Last edited: Sep 1, 2017
  2. fuzzylogic

    fuzzylogic Well-Known Member

    Joined:
    Nov 8, 2014
    Messages:
    50
    Likes Received:
    23
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    Maybe have a look at your Modsecurity Hits List at...
    WHM Home » Security Center » ModSecurity™ Tools » Hits List
    then search for the phrase tls_status
    to see if there are any corresponding rule hits.
    That page view makes 2 http requests one for the part displayed in your attached image and another for the form content (the missing part of your attached image)
    Both requests have the phrase tls_status in the request uri.
     
  3. fuzzylogic

    fuzzylogic Well-Known Member

    Joined:
    Nov 8, 2014
    Messages:
    50
    Likes Received:
    23
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    The request uri for the 2nd request is
    /cpsessxxxxxxxxxx/frontend/paper_lantern/security/tls_status/views/view_domains.html.tt
    which looks fairly safe to pass through most rule sets.
    the response however has some funky looking strings in it though which I would suspect would not pass through many rule sets...
    Code:
    ="{{ :: domain.domain }}">{{ :: domain.domain }}</
    would have to be considered high risk for tripping over a rule.

    To be blocked by a Response rule SecResponseBodyAccess would have to be set to...
    SecResponseBodyAccess On

    Modsecurity default value is Off
    cPanel OWASP3 (not specified, so Off)
    OWASP CRS 3.0.0 (not specified, so Off)
    Comodo CWAF_Apache (Set to Off)

    This could possibly be a difference between cPanel boxes if they all have the same modsecurity rule sets. (and assuming that a modsecurity rule is causing this problem, which has not been confirmed)
     
    #3 fuzzylogic, Sep 2, 2017
    Last edited: Sep 2, 2017
  4. jndawson

    jndawson Well-Known Member

    Joined:
    Aug 27, 2014
    Messages:
    167
    Likes Received:
    18
    Trophy Points:
    18
    Location:
    Western US
    cPanel Access Level:
    DataCenter Provider
    Nope, not a modsec issue, and it's the only cpanel box that it's happening on.
     
  5. fuzzylogic

    fuzzylogic Well-Known Member

    Joined:
    Nov 8, 2014
    Messages:
    50
    Likes Received:
    23
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    Have you had a look at the Response code (in Firefox firebug or Chrome Developer tools) for the second request of that page load?
    Or is the 2nd request even being made?
    Here are the 2 requests made when I try to reproduce the problem...
    Code:
    cpsessxxxx/frontend/paper_lantern/security/tls_status/#/
    cpsessxxxx/frontend/paper_lantern/security/tls_status/views/view_domains.html.tt
    Both requests return a 200 OK response code in my setup.

    I can't find the second url hard coded in the html source so I assume it is written by JavaScript.
    So if the 2nd request is not being made then suspect a JavaScript error.
    If JavaScript error is suspected try changing cPanel theme if not using paper_lantern.
     
  6. jndawson

    jndawson Well-Known Member

    Joined:
    Aug 27, 2014
    Messages:
    167
    Likes Received:
    18
    Trophy Points:
    18
    Location:
    Western US
    cPanel Access Level:
    DataCenter Provider
    Thanks for the tip. It's definitely a rendering issue due to javascript error.
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,220
    Likes Received:
    1,376
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Do you notice any output to /usr/local/cpanel/logs/error_log when you encounter this issue?

    Thank you.
     
  8. jndawson

    jndawson Well-Known Member

    Joined:
    Aug 27, 2014
    Messages:
    167
    Likes Received:
    18
    Trophy Points:
    18
    Location:
    Western US
    cPanel Access Level:
    DataCenter Provider
    No, nothing in any logs anywhere. That's what's puzzling. We'll be opening a ticket, at some point, if we can't figure it out.
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,220
    Likes Received:
    1,376
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Could you post the ticket number here once the ticket is opened?

    Thanks.
     
Loading...

Share This Page