How to run 2 web servers on the same machine...

PWD

O.K. Got SSH/SSL up and running in NO time! Woohoo!!! Now I want to make a section of my site SSL only. Anonymoose stated in a post I would have to run TWO servers on the same maching in order to accomplish this.

Questions and problems:

1) Should I have the second server also on port 80?
2) When I attempt to change the port the CONSOLE listens to on my SSL server (normally 9999) and restart the second server it states 'Server up and running, listening problem on port 10000'. I have tried to autodetect another port for the console, but on every restart it says '...Listening problem on port 10001...10002...10003....10007...' ...etc. ANY ideas on what port the SECOND server should be running on?
3) Just want to know HOW or what I need to configure on the SECOND server for it to run ONLY my SSL documents?
4) HOW is Stunnel going to know the difference between the two servers? Is simply typing...https://mysite.com/protected_stuff.php/ enough to connect from the outside?

Forever grateful for your patience!

SIncerely,

PWD
_________________
if (my($_GRATITUDE = 0)) {
kick_me(in the head);
}

Anonymoose · - Joined: 09 Sep 2003 Posts: 2192

I was going to answer your PM about this - I've just had a mad week at work... Sorry.

1) The second server cannot run on the same port as the first server. Any other port will do - the choice is yours. You just set up STunnel to point to this other port instead of port 80 on your first install of Abyss.

2) The second server should have happily started up its console port on the next port up from the first Abyss install. If you're having problems, stop the first Abyss install, start the second one and manually set the port so it does not clash with the first one. It may be that autodetect cannot work with two copies of Abyss running.

3) You have to put the documents you want to be ssl only into a folder structure in the htdocs folder of the second install. Mirror the layout of your site, but leave folders empty where they do not contain documents that should be SSL only. Now in your normal site, you can use a link to https://yoursite/sslonlyfolder/ and it will switch the user from viewing documents in Abyss install #1 to the SSL protected documents in Abyss install #2.

This is the only way to stop people from removing the https:// link and viewing your site in a non secure mode, other than switching your whole site to SSL only.

4) STunnel just points wherever you point it :) As mentioned above, simply change your conf file for STunnel so it is not pointing to the port the first server is running on anymore - update it to point to the port the second instance of Abyss is running on.

Hope this helps, if not, shout up.

PWD · Posted: Sat Jul 09, 2005 4:16 pm Post subject:

No problem --- I have a wife, two kids, two jobs and a partridge in a pear tree!

When I manually set the console port on the second install, and restart the server, it still says listening problem on port (whatever port) funny thing is, if I shut down my first install and restart the second, NO LISTENING PROBLEM on the second install. Then, if I restart my first install, now IT has a listening problem on port 9999.

Anywhoo,

Forever grateful,

PWD
_________________
if (my($_GRATITUDE = 0)) {
kick_me(in the head);
}

Anonymoose · - Joined: 09 Sep 2003 Posts: 2192

Hmmm... Have you tried connecting to the 2 different consoles when the servers are running, even when it shows a listening problem? Maybe Abyss has screwy detection when it comes to 2 servers running on the same machine.

With that said, I think I may have overlooked one feature of Abyss that could mean you only have to use 1 server as normal. I haven't really played with any of the extra features Aprelium added to the new X1, so I may have misunderstood the need for 2 servers. I'll get back to you ASAP.

PWD · Posted: Sat Jul 09, 2005 7:29 pm Post subject:

Found the problem..and resolution to port listening problem:

1) When running 2 servers, you have to change the connect port first. The second copy has to be changed FROM port 80 TO another port of your choosing FIRST. Then you won't have any conflicts with the console port running on 10000.I assume because both were originally conecting on port 80.

2) As seen on other sites (including Google and Paypal) once your visitor enters an SSL encrypted page, their 'visit' is then stuck in stunnel. SO any other links on your page (whether they're http:// or https://) will stay encrypted in SSL. So it's a good idea to copy your entire document tree from server one to server two and then delete the pages you want encrypted with SSL from server one running on port 80.

3) VERY IMPORTANT to note: When installing server number 2, SAVE the install to something other than c:\Program Files\Abyss Web Server. Save to something like 'c:\Program Files\Abyss ssl' or whatever you like.

WORKS LIKE A DREAM!!!!

Check it out (click on the 'Contact Us', 'Order' or 'FamilyZone' tabs):

My site

Many many kudos, thanks and gratitude to Anonymoose for all your time, effort, patience and willingness to help others learn!

If anyone has a question about this post or needs clarification, please PM me.

Forever Grateful,

PWD
_________________
if (my($_GRATITUDE = 0)) {
kick_me(in the head);
}

tyldem · - Joined: 14 Sep 2005 Posts: 2

I have a different problem.

I just used iis5 on port 80 for my website (which is rather basic)

and ran abyss on port 8080 for my ssl (which is the real whopper and purpose for the site.)

but it seems that i can't figure out how to make ssl only work for the abyss server.

it will not accept the 8080 port when it is set in the stunnel.conf file.

Is it perhaps because i use windows explorer?

Maybe if i switch the ports for the servers.

But if someone decides to type in (http://myaddress.com) wontit take it to the site without the ssl?

Maybe i can point to the subdomain as https instead of http, but it would be sweet for stunnel to work on port 8080.