The https of my website does not appear as secure when I use Google Chrome on my desktop, but it does when I use it on my phone.
This is for an Ubuntu server, running WordPress, Let's Encrypt, PHP5 and APache 2. I've tried to install NginX too, but the problem does not get solved. I have no idea what it is going on, plus the fact that this is the first website I am developing by myself.
This is my ufw status:
22/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
Apache Full ALLOW Anywhere
Nginx HTTP ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
Apache Full (v6) ALLOW Anywhere (v6)
Nginx HTTP (v6) ALLOW Anywhere (v6)
Also, everything seems alright when I check the certificates on https://www.ssllabs.com/
My website is www.floristeriarequena.es
Thanks in advance!
The https of my website does not appear as secure when I use Google Chrome on my desktop ...
I'm not sure what exactly you mean with this, but your site seem to include resources from https://68.183.217.125/..., i.e. you are using the IP address 68.183.217.125 in the URL instead of the hostname www.floristeriarequena.es. Only, the certificate is valid for www.floristeriarequena.es and not 68.183.217.125 which results in certificate errors. This results in a failure to load style sheets etc and can be in the developer console seen as:
Related
When I tried to configure my nginx app with certboot following this tutorial and others like. I allways step with the same amswer from certbot
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins
selected: Authenticator nginx, Installer nginx Obtaining a new
certificate Performing the following challenges: http-01 challenge for
sicocme.enterpriserealdomain.com http-01 challenge for
www.sicocme.enterpriserealdomain.com Waiting for verification...
Cleaning up challenges Failed authorization procedure.
sicocme.enterpriserealdomain.com (http-01):
urn:ietf:params:acme:error:connection :: The server could not connect
to the client to verify the domain :: dns :: DNS problem: NXDOMAIN
looking up A for sicocme.enterpriserealdomain.com,
www.sicocme.enterpriserealdomain.com (http-01):
urn:ietf:params:acme:error:connection :: The server could not connect
to the client to verify the domain :: dns :: DNS problem: NXDOMAIN
looking up A for www.sicocme.enterpriserealdomain.com
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: sicocme.enterpriserealdomain.com Type: connection
Detail: dns :: DNS problem: NXDOMAIN looking up A for
sicocme.enterpriserealdomain.com
Domain: www.sicocme.enterpriserealdomain.com Type: connection
Detail: dns :: DNS problem: NXDOMAIN looking up A for
www.sicocme.enterpriserealdomain.com
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
When I check my domain server the A record is there for both www and no-www with the correct IP address. The server has access to network and can access or be accessed by IP or domain name which proves that the DNS domain recognizes this machine and exists
Also I make shure to allow the proper ports with ufw
To Action From
-- ------ ----
443/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
22/tcp ALLOW Anywhere
5432/tcp ALLOW Anywhere
Nginx Full ALLOW Anywhere
443/tcp (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
22/tcp (v6) ALLOW Anywhere (v6)
5432/tcp (v6) ALLOW Anywhere (v6)
Nginx Full (v6) ALLOW Anywhere (v6)
Why could this be happening?
Thanks in advance!
This is the same issue but with the Apache
check the A record has set with the server then
sudo certbot --apache -d DOMAIN_WOTHOUT_WWW -d DOMAIN_WITH_WWW
Then it will work fine.
The problem is that your DNS records are not propagated yet. See below url -
https://dnsmap.io/#A/sicocme.enterpriserealdomain.com
Make sure your DNS records are propagated all over than things should be fine.
You should add a new DNS record for www.yourdomain.com (for www).
I think you have added only DNS record for '#'
please check this:
Recently I installed SSL cetificates through Certbot on apache2 server, and my website can be accessed through HTTPS. I have also enabled redirect to HTTPS. But I can no longer connect to the server via SSH. What can I do now?
You should allow the 22/tcp while setting up the ssl certificates.
To do this, you have to check if ufw statusis active.
If it is inactive, then let you allow active.
sudo ufw enable
sudo ufw default deny
And then execute sudo ufw status command and you have to see following.
Status: active
To Action From
-- ------ ----
Apache Full ALLOW Anywhere
22/tcp ALLOW Anywhere
Apache Full (v6) ALLOW Anywhere (v6)
22/tcp (v6) ALLOW Anywhere (v6)
If you can't see the 22/tcp is allowed, then allow the ssh.
sudo ufw allow ssh
Then you will be able to connect to the server using SSH after installing ssl certificate.
While setting up, if the UFW is set to allow port 80(HTTP) and 443(HTTPS), but not 22(SSH), then HTTP and HTTPS would work fine but not SSH. This means that you can get locked out of your server if you don't allow connecting to it via port 22 (SSH).
I'm a newbie in httpd and my problem is I cannot access my webpage from other computer.
What I am trying to do is deploying with minimal httpd.conf file with following https://www.youtube.com/watch?v=1ZioHruINOA.
/etc/httpd/conf/httpd.conf is
Listen 0.0.0.0:80
User apache
Group apache
ServerName www.example.com
ErrorLog /var/log/httpd/error.log
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule dir_module modules/mod_dir.so
DirectoryIndex index.html
DocumentRoot /var/www/html
<Directory /var/www/html>
AllowOverride None
Order allow,deny
allow from all
</Directory>
after I run command
sudo apachectl start
w3m 172.31.30.53
I can see the desired webpage(/var/www/html/index.html)
However, running command
w3m 172.31.30.53
on other computer's terminal does not work.
Thank you in advance.
edit1:
sudo ufw status
Status: active
To Action From
-- ------ ----
Apache Full ALLOW Anywhere
22 ALLOW Anywhere
80 ALLOW Anywhere
Anywhere ALLOW 0.0.0.0
Apache Full (v6) ALLOW Anywhere (v6)
22 (v6) ALLOW Anywhere (v6)
80 (v6) ALLOW Anywhere (v6)
edit2:
/etc/apache2$ nmap 127.0.0.1
Starting Nmap 6.40 ( http://nmap.org ) at 2018-05-20 21:31 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00019s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 0.91 seconds
Sounds to me that you are trying to run your webserver on a Linux machine. If you want to access your webpages from other computers, you might want to check your firewall settings. Accessing locally should work, but depending on your distro, you'll have to allow access. On Ubuntu you'll have to check ufw.
EDIT 1:
Try nmap from another machine. This way you can see what ports are available. Example: nmap yourmachine
I have read several questions here and still nothing is working.
I am trying to access my test site from a remote computer (either network or wan but i need wan eventually)
I just re-downloaded the newest XAMPP for windows 10.
I can go to localhost (also the other 3 names I setup in the host file to redirect to localhost) and of course 127.0.0.1 (localhost).
If I try and use my ip address of the computer or someone else trys my ip address on their computer, we get page cant be found (from chrome)
If I check apache access logs I see nothing about an access attempt.
Netstat -a shows these two records
TCP 0.0.0.0:80
TCP 0.0.0.0:443
TCP [::]:80
TCP [::]:443
I have gone to Windows Firewall -> Advanced Settings -> Inbound rule. Here it shows that appache has 2 rules, one for UDP and one for TCP allowing all ports.
I have gone to my rounter and port forwarded 80 & 443 (which is what xampp is running on) and still nothing
I even have put my computer in a DMZ. I also turned off the windows firewall. (all back on after testing of course this is dangerous).
Xampp has no locationmatch in xampp-http.conf like other questions.
My vhost file has the directory setup like this:
<Directory "C:/Users/username/Desktop/git repos/stats-website">
AllowOverride All
Order Allow,Deny
Allow from all
Require all granted
</Directory>
This is my testing rig and I am now testing an API that is being accessed externally before I send it to the production server. I have been at this for 2 days and out of all possibilities
UPDATE
I have solved the issue somewhat. I can now get to it from everything except localhost or 127.0.0.1
In httpd.conf I changed it from just Listen 80 to Listen pcipaddress:80. I thought listen 80 defaulted to binding on more than just localhost
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
Listen 192.168.1.241:80
#Listen 80
How do I do it so it works both localhost and also remote connections?
When I run Apache and have it configured to listen at ports 80 and 443, is it only listening for local traffic on my network? How can I tell if my server is visible to the web? (I want to keep it private for local development purposes) I think that for others to have access to my server, I would have to actually open up ports 80 and 443 on my router, but I have to say I'm pretty confused. Any help would be appreciated!
The ports have nothing to do with whether it's visible on the web. It's the IP address that the server is listening on and whether that IP address is allowed, to accept inbound connections if there is a firewall in front of it. So if you are using Localhost or an RFC 1918 IP address, then there is nothing to worry about. It has to use a publicly accessible IP address or hostname.
When Apache starts, it binds to some port and address on the local
machine and waits for incoming requests. By default, it listens to all
addresses on the machine. However, it may need to be told to listen on
specific ports, or only on selected addresses, or a combination of
both. This is often combined with the Virtual Host feature, which
determines how Apache responds to different IP addresses, hostnames
and ports.
https://httpd.apache.org/docs/2.2/bind.html
Also if you are behind a router, until you port forward your router on 80 or 443, nothing is going to get through from the outside.
You did not specify the OS/distribution you are using so it's a little hard to guess where you apache.conf or httpd.conf is located, you need to find it (including the ssl.conf file).
Somewhere right at the top you will find a few lines talking about "Listen: allows you to bind apache". You can limit this to your network of your local computer including localhost, now assuming you ipaddress is 192.168.10.1:
Listen 127.0.0.1:80
Listen 192.168.10.1:80
A little further down you will find a section talking about "DocumentRoot", right after that it will talk about "Directory", make it look like:
<Directory />
Order Allow, Deny
Deny From All
allow from 192.168.0.0
allow from 127.0.0.1
</Directory>
and depending where your document root is:
<Directory /var/www>
Order Allow, Deny
Deny From All
allow from 192.168.0.0
allow from 127.0.0.1
</Directory>
This will only allow local traffic to get to your server. You need to make sure that your ip address is within the range of 192.168.0.0.
Note that you need to do the same in the file called "ssl.conf".