Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
icon7.gif   Securing Elog with SSL and Apache, posted by damon nettles on Fri Nov 26 17:13:27 2004 
    icon2.gif   Re: Securing Elog with SSL and Apache, posted by Rob Mahurin on Wed Nov 22 02:55:48 2006 
Message ID: 2088     Entry time: Wed Nov 22 02:55:48 2006     In reply to: 819
Icon: Reply  Author: Rob Mahurin  Author Email: rob@utk.edu 
Category: Comment  OS: Linux  ELOG Version: 2.5.7-1 
Subject: Re: Securing Elog with SSL and Apache 
Hi,

I am an apache ignoramus who has been trying to follow these instructions on a Debian 3.1 box.  I got hung up for
the following reason.  I had to explicitly enable some apache features, which was a simple matter of making the
following symlinks in /etc/apache2/mods-enabled: 

	proxy.conf -> ../mods-available/proxy.conf
	proxy.load -> ../mods-available/proxy.load
	rewrite.load -> ../mods-available/rewrite.load
	headers.load -> ../mods-available/headers.load
	ssl.conf -> ../mods-available/ssl.conf
	ssl.load -> ../mods-available/ssl.load

Easy enough.  The default proxy.conf has sensible-looking warnings about not running your server as an open proxy.
 However, I wasn't able to tweak it to encrypted port forwarding from :443 to :8079.

What I've done that works is to add a local proxy section to the /etc/apache2/conf.d/elogredirect.conf by Damon
Nettles:

	<VirtualHost *:443>
		### ... everything else

		<Proxy *>
			Allow from all
		</Proxy>
	</VirtualHost>

I think, since this is in a subsection, that it only affects that virtual host.  But it'd be nice if someone who
actually understands this language would reassure me that I'm not setting myself up for some security hole.  At
any rate it took me long enough to figure this out that I thought I'd post a note in public, and this seems like
the forum to do so.

Thanks.

Rob
ELOG V3.1.5-fe60aaf