I want to run ZAP or Burp suite on my ubuntu VPS and listen to the public server ip with changing the proxy settings in Firefox in my PC to the Server public ip and the listener port, as i see it's working fine with http requests but it's not working for https, how i can make it to listen to https requests?
I already configured the proxy in my browser and tried to disable HSTS in my browser
I tried to use nginx revers proxy and install certificate on the system and regenerate certificate and import it again on my browser, but no thing work :(
I am using Ubuntu 18.4 with XFCE interface
NOTE: As i said the problem it's not in my local machine, the problem it's in the remote ip address i have changed the listener ip to the public ip, that mean my burp or my zap installed on my VPS, that mean my vps is the proxy server, and my browser in my PC not in my VPS it's my own PC!
Thanks.
Related
My issue is rather simple: How do I configure my setup, so that my WSL (2) instance (ubuntu) could access and use a proxy server served using Burp Suite on the same physical computer, but on the Windows side?
Currently I am getting connection refused, whatever I do. The proxy obviously works fine if I test it in windows.
The proxy is setup to redirect localhost:3001 --> localhost:80. This is where it gets a bit tangly, as the localhost:80 server is in fact running on the WSL instance too.
So basically, I would like a program, FFUF in this case, on WSL to be able to send a request through my Burp Proxy which is on Windows. The proxy then redirects the request back to WSL to the apache2 server that is running there.
WSL (FFUF) --> Windows (Burp proxy) --> WSL (Apache at :80)
I believe there is something I am missing regarding localhost and what is localhost in what case.
localhost from Windows seems to work to reference services running on WSL, but I am not sure it works the other way around...
I have tried using localhost, 127.0.0.1, and the LAN IP of Windows as mentioned in the virtual WSL network. No luck from WSL side yet.
My apache is setup to listen to 0.0.0.0:80
I have a web application that's running inside a docker container.
It's written in Play Framework. My host is an Ubuntu 16.04 server with apache. Docker application use the nginx server. The port 443 is directed to that container. SSL in my Apache server is turned off. Now when i try visiting my domain with https the browser give the warning which is annoying.
So i got some free certificates from sslforfree.com and used it with the docker application but still the warnings come up. Do i need to use those certificates in the apache server too?
Yes.
Your browser speaks with Apache server trying to establish an SSL communication at first, then Apache will try to forward the request to your docker container.
So, indeed, it's only mandatory to secure your Apache instead of the container to have the browser not complaining.
I want to setup a website on my raspberry pi 3 (with raspbian) to be accessible from the internet.
I installed Apache webserver (v 2.4) and Word Press, and I can connect to the website from the LAN.
To have my website accessible from the internet, I configured my router to perform forwarding of port 80 to a static IP given to the raspberry pi.
However, when i try to access the website from the internet (using the public IP 213.57.x.x), the browser is automatically redirected to the internal IP (192.x.x.x).
For me it looks like the default Apache settings (which i didn't change) perform IP forwarding.
I suspect that the Apache is the problem because I do not encounter the same problem on tomcat installed on the machine (so the router configuration is OK).
I am using tomcat on Linux centOs server. I want my java application is working fine on mydomain.com:8080. I want that my when some one hit the domain mydomain.com it automatically move to my java application.
Changin server.xml didm't worked for me. as i am also having apache2 on the server
I guess you have an apache server in port 80. I you do not want to remove apache and change directly the tomcat port ( see comments), you will need to redirect all traffic from port 80 to port 8080.
This can be done using tomcat connectors. They are plugins to connect web servers with Tomcat. When a HTTP request arrives, the plugin checks is it has to be redirected, connects to tomcat and returns the response to server
In the case of apache is needed to install mod_jk. In the link you can see the configuration
is there a way to solve this:
there is a domain example.com, on port 80 it redirects to 443 so it's always SSL connection and it passes to uwsgi via nginx. Now sockets run via a node connection on example.com:3000.
Is there an easy way to have that example.com:3000 run as SSL? The reason why is that Chrome gives a warning that the site includes resources that are not SSL.
I created another server in nginx, with the same domain listener but for different ports and passed the info through to node, and made that port SSL.