abyss x1 in https mode and stunnel for http

 
Post new topic   Reply to topic    Aprelium Forum Index -> SSL/Certificates
View previous topic :: View next topic  
Author Message
twotone
-


Joined: 18 Jun 2005
Posts: 10

PostPosted: Sat Oct 06, 2007 3:22 am    Post subject: abyss x1 in https mode and stunnel for http Reply with quote

I discovered something rather interesting. I installed an ssl certificate in abyss x1, and switched it to https only mode (port 443). Then I discovered that I could use some different settings in the stunnel.conf file to get stunnel to process the http traffic (port 80). Of course, you have to have both port 80 and 443 forwarded to your server machine's ip address from your router/firewall and both of them open in windows firewall or similar. Here is the stunnel.conf file:
Code:

[http]
accept  = 80
connect = 443
client  = yes

So now, encrypted traffic comes in on 443 to abyss, and unencrypted traffic comes in on port 80 to stunnel, gets encrypted, and sent to abyss on port 443.

Cool
Back to top View user's profile Send private message
admin
Site Admin


Joined: 03 Mar 2002
Posts: 1295

PostPosted: Sat Oct 06, 2007 5:00 pm    Post subject: Re: abyss x1 in https mode and stunnel for http Reply with quote

twotone,

The problem with this idea is that the server will log all request coming on port 80 as being made by 127.0.0.1 only. So you can no more have accurate statistics.

But the worser is that if you have set up some IP access rules, they won't be in effect (because the original IP is not known to the server) and any visitor that messes with your server will make Abyss Web Server black list 127.0.0.1 and no more accept any connection on port 80 from STunnel.
_________________
Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com
Back to top View user's profile Send private message
twotone
-


Joined: 18 Jun 2005
Posts: 10

PostPosted: Sun Oct 07, 2007 12:13 am    Post subject: Reply with quote

True. It's definitely not ideal.

But, for my implementation of Abyss, I am exchanging data for a multi-computer ticketing system where only 1-2 "clients" will be accessing the Abyss server, and almost exclusively through https, so I have very little need for stats, and no need for blacklisting.
Back to top View user's profile Send private message
pummamoriatug
-


Joined: 05 Jul 2010
Posts: 2
Location: Russia

PostPosted: Sun Jul 11, 2010 5:47 am    Post subject: abyss x1 in https mode and stunnel for http Reply with quote

When you say "it wont set for me," can you be more specific? What exactly is happening? What is your Zen Cart version and what mods have you installed?
Back to top View user's profile Send private message Send e-mail Visit poster's website ICQ Number
Display posts from previous:   
Post new topic   Reply to topic    Aprelium Forum Index -> SSL/Certificates All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB phpBB Group