I will try to give as many details as possible. If there is any more information or certain configs you would like to see in a file then please let me know. I have a very basic linux knowledge, although I have used kali and backtrack quite a bit so I know my way around not too bad in command line but still stumble on some things.
Ok. So I set up a machine to run Ubuntu Server 16.04 on my local network and serving to the web as well and I have been successful with setting up 3 virtual web hosts, ftp, plex media server. I am using a free domain name for my 3 virtual hosts. One is running wordpress, another basic html, and another that was still blank at the moment. Everything was working perfectly. The problem arose when I tried to set up SSL. I followed this Digital Ocean Tutorial and everything broke except SSH. I have tried this many times over and reformatted my machine and tried again, wondering if I messed up somewhere so I would try again and it always breaks at this point.
I am doing my local work from my Win7 pc, using Chrome, PuTTY, and FIleZilla. I have my host file setup to direct the 3 site names directly to my server just for simplicity I can access my 3 sites locally using http, but when I try through https I get the generic apache page. For testing from the internet I am using my phones cell connection. I can access my sites via http, but https gives me the generic page. I also get that warning about having a self signed certificate. If I try to goto http://sitex.forwarder.com:443 I get a "Bad Request" error, which is kind of expected.
I followed this Digital Ocean Tutorial to at least get the SSL part working and FTP is broken now too. I had FTP working prior and I adjusted the file locations and such for my configuration. FileZilla times out while trying to connect.
After things didn't work so well I did try to see what some other tutorials had written and adjusted to my configuration, or lack thereof, and shockingly I got some things kinda working again.
Below is the general format of all of my sites .conf files.
Code:
<VirtualHost *:80>
ServerName sitex.forwarder.net
ServerAdmin my@email.com
DocumentRoot /var/www/sitex/html
ServerAlias www.sitex.forwarder.net
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
This is how my 000-default.conf file looks
Code:
<VirtualHost *:80> ServerAdmin my@email.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Redirect permanent "/" "https://10.0.0.101/" #my local host IP
</VirtualHost>
This is my ssl-params.conf file
Code:
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDHSSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
#Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
SSLCompression off
SSLSessionTickets Off
SSLUseStapling on
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
SSLOpenSSLConfCmd DHParameters "/etc/ssl/certs/dhparam.pem"
My default-ssl.conf file
Code:
<VirtualHost _default_:443> ServerAdmin my@email.com
ServerName 10.0.0.101 #My local IP
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
Does anyone know what my problem is? Thank you all for your time. I appreciate it.
Bookmarks