can't admin via SSL



Is this a plesk server?


-----Original Message-----
From: [email protected]
[mailto:[email protected]]On Behalf Of Susan Petracco
Sent: Thursday, January 08, 2004 10:22 AM
To: [email protected]; [email protected]
Subject: [mrc] can't admin via SSL


I'm having a problem on a client site - I can log into admin via http, but
not via https.
When I load admin.mvc via https, the base href is getting set to http. But
all of the
domain settings are correct. I'm guessing maybe it's an apache setting? Any
ideas? Let me
know if other information is required. Thanks, Susan

can't admin via SSL



Are you using suexec? I've experienced similar problems when using it. There's a known conflict between suexec and empresa.

One way to check is to use the diag.mvc script securely.

https://yourdomain.com/diag.mvc?Test=sysvars

Check to see if the documenturl variable is being formatted with the port number in it - ":443".

lance turner

latu.net
web design & programming
<A HREF ="http://www.latu.net">http://www.latu.net</A>

Winter Park, FL
407 644-4492
[email protected]

At 9:22 AM -0600 1/8/04, Susan Petracco wrote:
>I'm having a problem on a client site - I can log into admin via http, but not via https.
>When I load admin.mvc via https, the base href is getting set to http. But all of the
>domain settings are correct. I'm guessing maybe it's an apache setting? Any ideas? Let me
>know if other information is required. Thanks, Susan
>

can't admin via SSL



Sure is: https://mypapershop.com/diag.mvc?Test=sysvars Now what?

Bill, I don't know about Plesk. This is a hosting company I've not worked with before. Is
there some way to tell? I just have FTP access - it's a dedicated box so I can get more
access if I need.

SSL works fine from the customer side; is that to be expected?

Susan Petracco | [email protected]
------------------------------------------
NetBlazon - E-Business for Every Business
www.netblazon.com
------------------------------------------
*** NEW PHONE NUMBER: 281.298.1725 ***



> -----Original Message-----
> From: lance turner [mailto:[email protected]]
> Sent: Thursday, January 08, 2004 9:42 AM
> To: Susan Petracco; [email protected]; [email protected]
> Subject: Re: [mrc] can't admin via SSL
>
>
> Are you using suexec? I've experienced similar problems when using it. There's
> a known conflict between suexec and empresa.
>
> One way to check is to use the diag.mvc script securely.
>
> https://yourdomain.com/diag.mvc?Test=sysvars
>
> Check to see if the documenturl variable is being formatted with the port
> number in it - ":443".
>
> lance turner
>
> latu.net
> web design & programming
> <A HREF ="http://www.latu.net">http://www.latu.net</A>
>
> Winter Park, FL
> 407 644-4492
> [email protected]
>
> At 9:22 AM -0600 1/8/04, Susan Petracco wrote:
> >I'm having a problem on a client site - I can log into admin via http, but not
> via https.
> >When I load admin.mvc via https, the base href is getting set to http. But all of the
> >domain settings are correct. I'm guessing maybe it's an apache setting? Any
> ideas? Let me
> >know if other information is required. Thanks, Susan
> >
>

can't admin via SSL



For that matter, what IS suexec?

Susan Petracco | [email protected]
------------------------------------------
NetBlazon - E-Business for Every Business
www.netblazon.com
------------------------------------------
*** NEW PHONE NUMBER: 281.298.1725 ***



> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]]On Behalf Of Susan Petracco
> Sent: Thursday, January 08, 2004 9:56 AM
> To: lance turner; [email protected]; [email protected]
> Subject: RE: [mrc] can't admin via SSL
> Importance: High
>
>
> Sure is: https://mypapershop.com/diag.mvc?Test=sysvars Now what?
>
> Bill, I don't know about Plesk. This is a hosting company I've not worked with
> before. Is
> there some way to tell? I just have FTP access - it's a dedicated box so I can get more
> access if I need.
>
> SSL works fine from the customer side; is that to be expected?
>
> Susan Petracco | [email protected]
> ------------------------------------------
> NetBlazon - E-Business for Every Business
> www.netblazon.com
> ------------------------------------------
> *** NEW PHONE NUMBER: 281.298.1725 ***
>
>
>
> > -----Original Message-----
> > From: lance turner [mailto:[email protected]]
> > Sent: Thursday, January 08, 2004 9:42 AM
> > To: Susan Petracco; [email protected]; [email protected]
> > Subject: Re: [mrc] can't admin via SSL
> >
> >
> > Are you using suexec? I've experienced similar problems when using it. There's
> > a known conflict between suexec and empresa.
> >
> > One way to check is to use the diag.mvc script securely.
> >
> > https://yourdomain.com/diag.mvc?Test=sysvars
> >
> > Check to see if the documenturl variable is being formatted with the port
> > number in it - ":443".
> >
> > lance turner
> >
> > latu.net
> > web design & programming
> > <A HREF ="http://www.latu.net">http://www.latu.net</A>
> >
> > Winter Park, FL
> > 407 644-4492
> > [email protected]
> >
> > At 9:22 AM -0600 1/8/04, Susan Petracco wrote:
> > >I'm having a problem on a client site - I can log into admin via http, but not
> > via https.
> > >When I load admin.mvc via https, the base href is getting set to http. But all of the
> > >domain settings are correct. I'm guessing maybe it's an apache setting? Any
> > ideas? Let me
> > >know if other information is required. Thanks, Susan
> > >
> >
>
>

can't admin via SSL



This is most likely a Plesk install as the intital version 5.0 had an suexec
that did not pass https.

Check with the owner - if Plesk, get the hosting company to do an upgrade.
If not - get them to upgrade or reinstall suexec.

Bill


-----Original Message-----
From: [email protected]
[mailto:[email protected]]On Behalf Of Susan Petracco
Sent: Thursday, January 08, 2004 10:56 AM
To: lance turner; [email protected]; [email protected]
Subject: RE: [mrc] can't admin via SSL


Sure is: https://mypapershop.com/diag.mvc?Test=sysvars Now what?

Bill, I don't know about Plesk. This is a hosting company I've not worked
with before. Is
there some way to tell? I just have FTP access - it's a dedicated box so I
can get more
access if I need.

SSL works fine from the customer side; is that to be expected?

Susan Petracco | [email protected]
------------------------------------------
NetBlazon - E-Business for Every Business
www.netblazon.com
------------------------------------------
*** NEW PHONE NUMBER: 281.298.1725 ***



> -----Original Message-----
> From: lance turner [mailto:[email protected]]
> Sent: Thursday, January 08, 2004 9:42 AM
> To: Susan Petracco; [email protected]; [email protected]
> Subject: Re: [mrc] can't admin via SSL
>
>
> Are you using suexec? I've experienced similar problems when using it.
There's
> a known conflict between suexec and empresa.
>
> One way to check is to use the diag.mvc script securely.
>
> https://yourdomain.com/diag.mvc?Test=sysvars
>
> Check to see if the documenturl variable is being formatted with the port
> number in it - ":443".
>
> lance turner
>
> latu.net
> web design & programming
> <A HREF ="http://www.latu.net">http://www.latu.net</A>
>
> Winter Park, FL
> 407 644-4492
> [email protected]
>
> At 9:22 AM -0600 1/8/04, Susan Petracco wrote:
> >I'm having a problem on a client site - I can log into admin via http,
but not
> via https.
> >When I load admin.mvc via https, the base href is getting set to http.
But all of the
> >domain settings are correct. I'm guessing maybe it's an apache setting?
Any
> ideas? Let me
> >know if other information is required. Thanks, Susan
> >
>

can't admin via SSL



suexec can be disabled by renaming the binary file that is most likely located in the /usr/sbin/.

Also, the customer side of mypapershop.com is experiencing a problem related to this.

The base href is not correct when the site is accessed securely.

<base HREF="http://mypapershop.com/Merchant2/">

MM determines whether or not a site is being accessed securely by checking for 'https://' in the s.documenturl variable.

Here's an example of the code that MM uses:

<MvIF EXPR = "{ 'https://' IN s.documenturl}">
<MvASSIGN NAME = "g.Secure" VALUE = "{ 1 }">
<MvELSE>
<MvASSIGN NAME = "g.Secure" VALUE = "{ 0 }">
</MvIF>

The base href is then displayed based on the g.Secure variable.

Here's an example from an OpenUI oui_bes.mv file:

<MvIF EXPR="{g.Secure}">
<BASE HREF="{encodeentities(g.secure_baseurl)}">
<MvELSE>
<BASE HREF="{encodeentities(g.baseurl)}">
</MvIF>

With suexec the s.documenturl is being returned as http://mypapershop.com:443/Merchant2/merchant.mvc? instead of https://mypapershop.com/merchant.mvc?.

So MM's test is not working.

I created a very simple module for a client who did not want to disable the suexec. The module inserts the following code at hookpoint 1 of OUI_Begin_Screen.

<MvIF EXPR = "{ ('https://' IN s.documenturl) OR (':443' IN s.documenturl) }">
<MvASSIGN NAME = "g.Secure" VALUE = "{ 1 }">
<MvELSE>
<MvASSIGN NAME = "g.Secure" VALUE = "{ 0 }">
</MvIF>

lance turner


At 9:55 AM -0600 1/8/04, Susan Petracco wrote:
>Sure is: https://mypapershop.com/diag.mvc?Test=sysvars Now what?
>
>Bill, I don't know about Plesk. This is a hosting company I've not worked with before. Is
>there some way to tell? I just have FTP access - it's a dedicated box so I can get more
>access if I need.
>
>SSL works fine from the customer side; is that to be expected?
>
>Susan Petracco | [email protected]
>------------------------------------------
>NetBlazon - E-Business for Every Business
>www.netblazon.com
>------------------------------------------
> *** NEW PHONE NUMBER: 281.298.1725 ***
>
>
>
>> -----Original Message-----
>> From: lance turner [mailto:[email protected]]
>> Sent: Thursday, January 08, 2004 9:42 AM
>> To: Susan Petracco; [email protected]; [email protected]
>> Subject: Re: [mrc] can't admin via SSL
>>
>>
>> Are you using suexec? I've experienced similar problems when using it. There's
>> a known conflict between suexec and empresa.
>>
>> One way to check is to use the diag.mvc script securely.
>>
>> https://yourdomain.com/diag.mvc?Test=sysvars
>>
>> Check to see if the documenturl variable is being formatted with the port
>> number in it - ":443".
>>
>> lance turner
>>
>> latu.net
>> web design & programming
>> <A HREF ="http://www.latu.net">http://www.latu.net</A>
>>
>> Winter Park, FL
>> 407 644-4492
>> [email protected]
>>
>> At 9:22 AM -0600 1/8/04, Susan Petracco wrote:
>> >I'm having a problem on a client site - I can log into admin via http, but not
>> via https.
>> >When I load admin.mvc via https, the base href is getting set to http. But all of the
>> >domain settings are correct. I'm guessing maybe it's an apache setting? Any
>> ideas? Let me
>> >know if other information is required. Thanks, Susan
>> >
>>
>
>

can't admin via SSL



http://httpd.apache.org/docs/suexec.html


-----Original Message-----
From: [email protected]
[mailto:[email protected]]On Behalf Of Susan Petracco
Sent: Thursday, January 08, 2004 11:02 AM
To: lance turner; [email protected]
Subject: RE: [mrc] can't admin via SSL


For that matter, what IS suexec?

Susan Petracco | [email protected]
------------------------------------------
NetBlazon - E-Business for Every Business
www.netblazon.com
------------------------------------------
*** NEW PHONE NUMBER: 281.298.1725 ***



> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]]On Behalf Of Susan Petracco
> Sent: Thursday, January 08, 2004 9:56 AM
> To: lance turner; [email protected]; [email protected]
> Subject: RE: [mrc] can't admin via SSL
> Importance: High
>
>
> Sure is: https://mypapershop.com/diag.mvc?Test=sysvars Now what?
>
> Bill, I don't know about Plesk. This is a hosting company I've not worked
with
> before. Is
> there some way to tell? I just have FTP access - it's a dedicated box so I
can get more
> access if I need.
>
> SSL works fine from the customer side; is that to be expected?
>
> Susan Petracco | [email protected]
> ------------------------------------------
> NetBlazon - E-Business for Every Business
> www.netblazon.com
> ------------------------------------------
> *** NEW PHONE NUMBER: 281.298.1725 ***
>
>
>
> > -----Original Message-----
> > From: lance turner [mailto:[email protected]]
> > Sent: Thursday, January 08, 2004 9:42 AM
> > To: Susan Petracco; [email protected]; [email protected]
> > Subject: Re: [mrc] can't admin via SSL
> >
> >
> > Are you using suexec? I've experienced similar problems when using it.
There's
> > a known conflict between suexec and empresa.
> >
> > One way to check is to use the diag.mvc script securely.
> >
> > https://yourdomain.com/diag.mvc?Test=sysvars
> >
> > Check to see if the documenturl variable is being formatted with the
port
> > number in it - ":443".
> >
> > lance turner
> >
> > latu.net
> > web design & programming
> > <A HREF ="http://www.latu.net">http://www.latu.net</A>
> >
> > Winter Park, FL
> > 407 644-4492
> > [email protected]
> >
> > At 9:22 AM -0600 1/8/04, Susan Petracco wrote:
> > >I'm having a problem on a client site - I can log into admin via http,
but not
> > via https.
> > >When I load admin.mvc via https, the base href is getting set to http.
But all of the
> > >domain settings are correct. I'm guessing maybe it's an apache setting?
Any
> > ideas? Let me
> > >know if other information is required. Thanks, Susan
> > >
> >
>
>

can't admin via SSL



can I safely disable this? it won't hurt anything else?

and thanks for pointing out the customer side problems. since it hadn't given a fatal
error like the admin side, i assumed it was ok. clearly it isn't!

Susan Petracco | [email protected]
------------------------------------------
NetBlazon - E-Business for Every Business
www.netblazon.com
------------------------------------------
*** NEW PHONE NUMBER: 281.298.1725 ***



> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]]On Behalf Of lance turner
> Sent: Thursday, January 08, 2004 10:19 AM
> To: Susan Petracco; [email protected]
> Subject: RE: [mrc] can't admin via SSL
> Importance: High
>
>
> suexec can be disabled by renaming the binary file that is most likely located
> in the /usr/sbin/.
>
> Also, the customer side of mypapershop.com is experiencing a problem related to this.
>
> The base href is not correct when the site is accessed securely.
>
> <base HREF="http://mypapershop.com/Merchant2/">
>
> MM determines whether or not a site is being accessed securely by checking for
> 'https://' in the s.documenturl variable.
>
> Here's an example of the code that MM uses:
>
> <MvIF EXPR = "{ 'https://' IN s.documenturl}">
> <MvASSIGN NAME = "g.Secure" VALUE = "{ 1 }">
> <MvELSE>
> <MvASSIGN NAME = "g.Secure" VALUE = "{ 0 }">
> </MvIF>
>
> The base href is then displayed based on the g.Secure variable.
>
> Here's an example from an OpenUI oui_bes.mv file:
>
> <MvIF EXPR="{g.Secure}">
> <BASE HREF="{encodeentities(g.secure_baseurl)}">
> <MvELSE>
> <BASE HREF="{encodeentities(g.baseurl)}">
> </MvIF>
>
> With suexec the s.documenturl is being returned as
> http://mypapershop.com:443/Merchant2/merchant.mvc? instead of
> https://mypapershop.com/merchant.mvc?.
>
> So MM's test is not working.
>
> I created a very simple module for a client who did not want to disable the
> suexec. The module inserts the following code at hookpoint 1 of OUI_Begin_Screen.
>
> <MvIF EXPR = "{ ('https://' IN s.documenturl) OR (':443' IN s.documenturl) }">
> <MvASSIGN NAME = "g.Secure" VALUE = "{ 1 }">
> <MvELSE>
> <MvASSIGN NAME = "g.Secure" VALUE = "{ 0 }">
> </MvIF>
>
> lance turner
>
>
> At 9:55 AM -0600 1/8/04, Susan Petracco wrote:
> >Sure is: https://mypapershop.com/diag.mvc?Test=sysvars Now what?
> >
> >Bill, I don't know about Plesk. This is a hosting company I've not worked with
> before. Is
> >there some way to tell? I just have FTP access - it's a dedicated box so I can get more
> >access if I need.
> >
> >SSL works fine from the customer side; is that to be expected?
> >
> >Susan Petracco | [email protected]
> >------------------------------------------
> >NetBlazon - E-Business for Every Business
> >www.netblazon.com
> >------------------------------------------
> > *** NEW PHONE NUMBER: 281.298.1725 ***
> >
> >
> >
> >> -----Original Message-----
> >> From: lance turner [mailto:[email protected]]
> >> Sent: Thursday, January 08, 2004 9:42 AM
> >> To: Susan Petracco; [email protected]; [email protected]
> >> Subject: Re: [mrc] can't admin via SSL
> >>
> >>
> >> Are you using suexec? I've experienced similar problems when using it. There's
> >> a known conflict between suexec and empresa.
> >>
> >> One way to check is to use the diag.mvc script securely.
> >>
> >> https://yourdomain.com/diag.mvc?Test=sysvars
> >>
> >> Check to see if the documenturl variable is being formatted with the port
> >> number in it - ":443".
> >>
> >> lance turner
> >>
> >> latu.net
> >> web design & programming
> >> <A HREF ="http://www.latu.net">http://www.latu.net</A>
> >>
> >> Winter Park, FL
> >> 407 644-4492
> >> [email protected]
> >>
> >> At 9:22 AM -0600 1/8/04, Susan Petracco wrote:
> >> >I'm having a problem on a client site - I can log into admin via http, but not
> >> via https.
> >> >When I load admin.mvc via https, the base href is getting set to http. But
> all of the
> >> >domain settings are correct. I'm guessing maybe it's an apache setting? Any
> >> ideas? Let me
> >> >know if other information is required. Thanks, Susan
> >> >
> >>
> >
> >

can't admin via SSL



The base href problem is usually somewhat hidden. Some browsers will display the page securely, others will display an error message stating the the content of the page is not secure.

lance turner

At 10:44 AM -0600 1/8/04, Susan Petracco wrote:
>can I safely disable this? it won't hurt anything else?
>
>and thanks for pointing out the customer side problems. since it hadn't given a fatal
>error like the admin side, i assumed it was ok. clearly it isn't!
>
>Susan Petracco | [email protected]
>------------------------------------------
>NetBlazon - E-Business for Every Business
>www.netblazon.com
>------------------------------------------
> *** NEW PHONE NUMBER: 281.298.1725 ***
>
>
>
>> -----Original Message-----
>> From: [email protected]
>> [mailto:[email protected]]On Behalf Of lance turner
>> Sent: Thursday, January 08, 2004 10:19 AM
>> To: Susan Petracco; [email protected]
>> Subject: RE: [mrc] can't admin via SSL
>> Importance: High
>>
>>
>> suexec can be disabled by renaming the binary file that is most likely located
>> in the /usr/sbin/.
>>
>> Also, the customer side of mypapershop.com is experiencing a problem related to this.
>>
> > The base href is not correct when the site is accessed securely.
>>
>> <base HREF="http://mypapershop.com/Merchant2/">
>>
>> MM determines whether or not a site is being accessed securely by checking for
>> 'https://' in the s.documenturl variable.
>>
>> Here's an example of the code that MM uses:
>>
>> <MvIF EXPR = "{ 'https://' IN s.documenturl}">
>> <MvASSIGN NAME = "g.Secure" VALUE = "{ 1 }">
>> <MvELSE>
>> <MvASSIGN NAME = "g.Secure" VALUE = "{ 0 }">
>> </MvIF>
>>
>> The base href is then displayed based on the g.Secure variable.
>>
>> Here's an example from an OpenUI oui_bes.mv file:
>>
>> <MvIF EXPR="{g.Secure}">
>> <BASE HREF="{encodeentities(g.secure_baseurl)}">
>> <MvELSE>
>> <BASE HREF="{encodeentities(g.baseurl)}">
>> </MvIF>
>>
>> With suexec the s.documenturl is being returned as
>> http://mypapershop.com:443/Merchant2/merchant.mvc? instead of
>> https://mypapershop.com/merchant.mvc?.
>>
>> So MM's test is not working.
>>
>> I created a very simple module for a client who did not want to disable the
>> suexec. The module inserts the following code at hookpoint 1 of OUI_Begin_Screen.
>>
>> <MvIF EXPR = "{ ('https://' IN s.documenturl) OR (':443' IN s.documenturl) }">
>> <MvASSIGN NAME = "g.Secure" VALUE = "{ 1 }">
>> <MvELSE>
>> <MvASSIGN NAME = "g.Secure" VALUE = "{ 0 }">
>> </MvIF>
>>
>> lance turner
>>
>>
>> At 9:55 AM -0600 1/8/04, Susan Petracco wrote:
>> >Sure is: https://mypapershop.com/diag.mvc?Test=sysvars Now what?
>> >
>> >Bill, I don't know about Plesk. This is a hosting company I've not worked with
>> before. Is
>> >there some way to tell? I just have FTP access - it's a dedicated box so I can get more
>> >access if I need.
>> >
>> >SSL works fine from the customer side; is that to be expected?
>> >
>> >Susan Petracco | [email protected]
> > >------------------------------------------
> > >NetBlazon - E-Business for Every Business
> > >www.netblazon.com
> > >------------------------------------------
> > > *** NEW PHONE NUMBER: 281.298.1725 ***
>> >
>> >
>> >
>> >> -----Original Message-----
>> >> From: lance turner [mailto:[email protected]]
>> >> Sent: Thursday, January 08, 2004 9:42 AM
>> >> To: Susan Petracco; [email protected]; [email protected]
>> >> Subject: Re: [mrc] can't admin via SSL
>> >>
>> >>
>> >> Are you using suexec? I've experienced similar problems when using it. There's
>> >> a known conflict between suexec and empresa.
>> >>
>> >> One way to check is to use the diag.mvc script securely.
>> >>
>> >> https://yourdomain.com/diag.mvc?Test=sysvars
>> >>
>> >> Check to see if the documenturl variable is being formatted with the port
>> >> number in it - ":443".
>> >>
>> >> lance turner
>> >>
>> >> latu.net
>> >> web design & programming
>> >> <A HREF ="http://www.latu.net">http://www.latu.net</A>
>> >>
>> >> Winter Park, FL
> > >> 407 644-4492
>> >> [email protected]
>> >>
>> >> At 9:22 AM -0600 1/8/04, Susan Petracco wrote:
>> >> >I'm having a problem on a client site - I can log into admin via http, but not
>> >> via https.
>> >> >When I load admin.mvc via https, the base href is getting set to http. But
>> all of the
>> >> >domain settings are correct. I'm guessing maybe it's an apache setting? Any
>> >> ideas? Let me
>> >> >know if other information is required. Thanks, Susan
>> >> >
>> >>
>> >
>> >