View previous topic :: View next topic |
Author |
Message |
twotone -
Joined: 18 Jun 2005 Posts: 10
|
Posted: Sat Oct 06, 2007 3:22 am Post subject: abyss x1 in https mode and stunnel for http |
|
|
I discovered something rather interesting. I installed an ssl certificate in abyss x1, and switched it to https only mode (port 443). Then I discovered that I could use some different settings in the stunnel.conf file to get stunnel to process the http traffic (port 80). Of course, you have to have both port 80 and 443 forwarded to your server machine's ip address from your router/firewall and both of them open in windows firewall or similar. Here is the stunnel.conf file:
Code: |
[http]
accept = 80
connect = 443
client = yes
|
So now, encrypted traffic comes in on 443 to abyss, and unencrypted traffic comes in on port 80 to stunnel, gets encrypted, and sent to abyss on port 443.
Cool |
|
Back to top |
|
|
admin Site Admin
Joined: 03 Mar 2002 Posts: 1306
|
Posted: Sat Oct 06, 2007 5:00 pm Post subject: Re: abyss x1 in https mode and stunnel for http |
|
|
twotone,
The problem with this idea is that the server will log all request coming on port 80 as being made by 127.0.0.1 only. So you can no more have accurate statistics.
But the worser is that if you have set up some IP access rules, they won't be in effect (because the original IP is not known to the server) and any visitor that messes with your server will make Abyss Web Server black list 127.0.0.1 and no more accept any connection on port 80 from STunnel. _________________ Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com |
|
Back to top |
|
|
twotone -
Joined: 18 Jun 2005 Posts: 10
|
Posted: Sun Oct 07, 2007 12:13 am Post subject: |
|
|
True. It's definitely not ideal.
But, for my implementation of Abyss, I am exchanging data for a multi-computer ticketing system where only 1-2 "clients" will be accessing the Abyss server, and almost exclusively through https, so I have very little need for stats, and no need for blacklisting. |
|
Back to top |
|
|
pummamoriatug -
Joined: 05 Jul 2010 Posts: 2 Location: Russia
|
Posted: Sun Jul 11, 2010 5:47 am Post subject: abyss x1 in https mode and stunnel for http |
|
|
When you say "it wont set for me," can you be more specific? What exactly is happening? What is your Zen Cart version and what mods have you installed? |
|
Back to top |
|
|
|