ssl/tls status output is blank

jndawson

Well-Known Member
Aug 27, 2014
227
21
18
Western US
cPanel Access Level
DataCenter Provider
The 'SSL/TLS Status' on one of our cpanel boxes stopped working - page comes up with column headers and blank data (see attached). SSL certs appear as normal in all other links. Not sure when this happened - customer brought it to our attention this morning.

This is true on all accounts we've checked (of about 550 that exist on this server). Also, the 'Advanced settings' toggle doesn't toggle or display anything. Rerunning autossl doesn't make a difference, and the scripts in /scripts/ don't appear to be related to correcting the problem.

using v.66.0.18 on Centos 6.9 w/ EA3

ssl_tls_status.png
 
Last edited:

fuzzylogic

Well-Known Member
Nov 8, 2014
134
78
28
cPanel Access Level
Root Administrator
Maybe have a look at your Modsecurity Hits List at...
WHM Home » Security Center » ModSecurity™ Tools » Hits List
then search for the phrase tls_status
to see if there are any corresponding rule hits.
That page view makes 2 http requests one for the part displayed in your attached image and another for the form content (the missing part of your attached image)
Both requests have the phrase tls_status in the request uri.
 

fuzzylogic

Well-Known Member
Nov 8, 2014
134
78
28
cPanel Access Level
Root Administrator
The request uri for the 2nd request is
/cpsessxxxxxxxxxx/frontend/paper_lantern/security/tls_status/views/view_domains.html.tt
which looks fairly safe to pass through most rule sets.
the response however has some funky looking strings in it though which I would suspect would not pass through many rule sets...
Code:
="{{ :: domain.domain }}">{{ :: domain.domain }}</
would have to be considered high risk for tripping over a rule.

To be blocked by a Response rule SecResponseBodyAccess would have to be set to...
SecResponseBodyAccess On

Modsecurity default value is Off
cPanel OWASP3 (not specified, so Off)
OWASP CRS 3.0.0 (not specified, so Off)
Comodo CWAF_Apache (Set to Off)

This could possibly be a difference between cPanel boxes if they all have the same modsecurity rule sets. (and assuming that a modsecurity rule is causing this problem, which has not been confirmed)
 
Last edited:

jndawson

Well-Known Member
Aug 27, 2014
227
21
18
Western US
cPanel Access Level
DataCenter Provider
Maybe have a look at your Modsecurity Hits List at...
WHM Home » Security Center » ModSecurity™ Tools » Hits List
then search for the phrase tls_status
to see if there are any corresponding rule hits.
That page view makes 2 http requests one for the part displayed in your attached image and another for the form content (the missing part of your attached image)
Both requests have the phrase tls_status in the request uri.
Nope, not a modsec issue, and it's the only cpanel box that it's happening on.
 

fuzzylogic

Well-Known Member
Nov 8, 2014
134
78
28
cPanel Access Level
Root Administrator
Have you had a look at the Response code (in Firefox firebug or Chrome Developer tools) for the second request of that page load?
Or is the 2nd request even being made?
Here are the 2 requests made when I try to reproduce the problem...
Code:
cpsessxxxx/frontend/paper_lantern/security/tls_status/#/
cpsessxxxx/frontend/paper_lantern/security/tls_status/views/view_domains.html.tt
Both requests return a 200 OK response code in my setup.

I can't find the second url hard coded in the html source so I assume it is written by JavaScript.
So if the 2nd request is not being made then suspect a JavaScript error.
If JavaScript error is suspected try changing cPanel theme if not using paper_lantern.
 

jndawson

Well-Known Member
Aug 27, 2014
227
21
18
Western US
cPanel Access Level
DataCenter Provider
I can't find the second url hard coded in the html source so I assume it is written by JavaScript.
So if the 2nd request is not being made then suspect a JavaScript error.
If JavaScript error is suspected try changing cPanel theme if not using paper_lantern.
Thanks for the tip. It's definitely a rendering issue due to javascript error.