Results 1 to 8 of 8
  1. #1
    Join Date
    Jan 2006
    Posts
    264

    My user's sites are trying to authenticate to MY crt & key.

    I have a vps server in which I have setup Direct Admin on as the control panel. I also have a site setup in there with a dedicated IP address.

    Everything is working fine for the site. However, the SSL is not working by default. For some reason, in order to get it working I have to manually edit /etc/httpd/conf/ips.conf which is not a good thing because everytime I create or remove a domain in Direct Admin, it re-writes that file and changes all of the other stuff that I added.

    Is there anyone here that knows why this is happening??

    Note: In order to get it working, I have to force it to look at the user level SSL crt & key. otherwise, it is trying to authenticate with the server's crt & key.

    Please help! I have someone that wants to sign up for hosting and I don't want to screw up their site down the road.

  2. #2
    Join Date
    Nov 2005
    Location
    Michigan, USA
    Posts
    3,872
    Hello,

    What did you have to change in ips.conf for it to work? Did you make sure you assigned the dedicated IP correctly in DirectAdmin?


  3. #3
    Join Date
    Jan 2006
    Posts
    264
    In order to get it to work, I had to add the following:

    Code:
    NameVirtualHost 74.63.67.149:80
    NameVirtualHost 74.63.67.149:443
    
    <VirtualHost 74.63.67.149:80>
            ServerName private.domain
            ScriptAliasMatch ^/~([^/]+)/+cgi-bin/+(.*) /home/$1/public_html/cgi-bin/$2
            AliasMatch ^/~([^/]+)(/.*)* /home/$1/public_html$2
            DocumentRoot /home/admin/public_html
    
            SuexecUserGroup admin admin
    
            CustomLog /var/log/httpd/homedir.log homedir
    </VirtualHost>
    
    <VirtualHost 74.63.67.149:443>
            SSLEngine on
            SSLCertificateFile /home/admin/ssl/monytime.ca.crt
            SSLCertificateKeyFile /home/admin/ssl/monytime.ca.key
            ServerName shared.domain
            ScriptAliasMatch ^/~([^/]+)/+cgi-bin/+(.*) /home/$1/public_html/cgi-bin/$2
            AliasMatch ^/~([^/]+)(/.*)* /home/$1/public_html$2
            DocumentRoot /home/admin/public_html
    
            SuexecUserGroup admin admin
    
            CustomLog /var/log/httpd/homedir.log homedir
    </VirtualHost>

    As far as the dedicated IP, I added it by going into Admin Level > IP Management and assigning the IP to the Resller User which in this case is admin.

    Then I went to Reseller Level > IP Management and cleared it so that it wasn't shared. Then I went to Reseller Level > List Users > Clicked on user name > Modify User, and assigned the IP that I wanted that was 'free'.

    Now... If I go back to Admin Level > IP Management, it shows that the IP is owned by Reseller 'admin' and then it lists the user as 'admin' (because in this case the site that I've got setup is in 'admin' user level area.

  4. #4
    Join Date
    Oct 2006
    Location
    New York, NY
    Posts
    1,034
    Quote Originally Posted by zincoxide View Post
    Please help! I have someone that wants to sign up for hosting and I don't want to screw up their site down the road.
    If your going to offer commercial hosting, and step up from just using the server as a hobby, my suggestion to you would be to either hire a competent SA or to upgrade your VPS to a managed account. You can get someone like PSM to take care of these issues for you for around less than $40/m on your server and get immediate results.

    Having an unmanaged server when you don't know all that much about administration and offering commercial hosting services is not a very good idea at all.

    WebHostingTalk is a great place to get lots of information and help, but unfortunately once you have even a single paying customer on your server, if you don't know what your doing things will turn sour really fast. Are you going to wait until someone responds to your thread with a solution so you can help your customer? If so, that customer probably won't stick around in the long haul.

    Good luck.

  5. #5
    Join Date
    Nov 2005
    Location
    Michigan, USA
    Posts
    3,872
    Since the VPS is hosted with us, We'd be glad to try and help you resolve it if you open a ticket with us. We offer our basic managed included with every server using DA so we can try to have it resolved for you. It looks like you have done everything right, but it might be easier if one of our techs login.


  6. #6
    Join Date
    Jan 2006
    Posts
    264
    Quote Originally Posted by seankoons View Post
    If your going to offer commercial hosting, and step up from just using the server as a hobby, my suggestion to you would be to either hire a competent SA or to upgrade your VPS to a managed account. You can get someone like PSM to take care of these issues for you for around less than $40/m on your server and get immediate results.

    Having an unmanaged server when you don't know all that much about administration and offering commercial hosting services is not a very good idea at all.

    WebHostingTalk is a great place to get lots of information and help, but unfortunately once you have even a single paying customer on your server, if you don't know what your doing things will turn sour really fast. Are you going to wait until someone responds to your thread with a solution so you can help your customer? If so, that customer probably won't stick around in the long haul.

    Good luck.
    Although I appreciate your response, I'm not doing this as a hobby. Right now, the client that I'm putting on I'll be hosting for free. So, if they don't want to wait a day to get an answer they can go somewhere!! I know the person, so it's not that big of a deal.

    I specifically chose RMW for my vps provider because of positive feedback on this forum and that every account comes with basic management. I'm interested in learning how to do it, not have someone do it for me all the time.

    For example, I had someone offer to setup/harden my vps and I asked if instead they would be willing to tell me the steps. Good thing I did because when they were finished, I did something a couple days later which really messed it up. I was able to reset everything and I only had to ask a couple of questions. Then I posted what I did on another linux forum and they said that I had taken an excellent approach to securing it. But, that I still needed to monitor things down the road and not get over confident.

    This is why I'm posting here. I could probably hire someone for under $100 bucks to set this thing up, but in 2 months, if a client has a problem, what am I going to do pay $50 to fix it?? No way... It just doesn't make sense.

    So... To make a short answer long () I am interested in learning this stuff. I don't have paying customers at this point, so it is a perfect time for me to learn it.

    I'm sorry if this came across wrong, but no ill-will is meant.

  7. #7
    Join Date
    Oct 2006
    Location
    New York, NY
    Posts
    1,034
    Quote Originally Posted by zincoxide View Post
    I specifically chose RMW for my vps provider because of positive feedback on this forum and that every account comes with basic management. I'm interested in learning how to do it, not have someone do it for me all the time.

    Ah, that makes more sense. It seemed like you were on a completely unmanaged plan - a big mistake usually for those that have no prior experience with running a server.

    From posts that I've seen, RMW is more than willing to help all of their customers, managed or otherwise so your already in good hands with Devonblzx.

  8. #8
    Join Date
    Jan 2006
    Posts
    264
    I would agree. Initially I thought that a VPS would be no big deal, I mean, I'm pretty technical, I can handle it!

    Then I had my first problem that I didn't know. To make it worse, I know very very little about Linux.

    But, I have to say, it has been a month and another member from here offered to take me under his wing and spent hours with me to teach me how to setup, configure and harden my box. I'm very grateful for his help because he has been amazing!

    But.. now, I know how to do it myself, I can compile programs, install them, I know what to look for (I'm sure not everything though). And I feel 1000 times more confident. I just didn't want to go fully managed because I want to learn, not just hire.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •