security – Is there a reason not to use HTTPS?

I sometimes login to a website that provides both HTTP and HTTPS, even for the login page. Although I use HTTPS to encrypt my credentials, it would be easy to make the mistake of using HTTP, and transmit the credentials for the world to see. Is there any reason for a site not to redirect to HTTPS?

google search console – How to switch to https in webmaster tools?

We will be trying to add SSL to our website pretty soon , in the demo server we achieve everything perfect, the thing now is not to loose the traffic.

With Google Analytics we are able to change HTTP to HTTPS, but in Webmaster Tools is quite confusing trying to change or add another domain with https.

I check this post from @CP30 , https://webmasters.stackexchange.com/a/90829/61395

Sound very logic to do that, but what are the steps? before adding the ssl , should we add a https domain to webmaster tools and then Follow the steps above?

What else do you suggest we can do before we change everything?

https – How to fix a rogue DNS-IP mapping in WHM or cPanel?

I woke up this morning and started getting emails from customers of my website truckercert.com that “the site is down”. But what actually happened is the SSL certificate quit working. The website runs on a Bluehost VPS and I have full (root) access to WHM and cPanel. I called Bluehost. The VPS tech support person was clueless both as to what caused it or how to fix it. She did, however, point out that there are some IP mismatches going on that could be at the root of the problem:

enter image description here

Notice how my domain resolves to two different IP addresses. This just started happening today. The wrong IP (204.11.56.48) now maps to an old domain I used to own (usaarbiters.com), and that domain also used to be the Primary Domain on my Bluehost account. So I guess it’s no shock that this problem caught up with me. The correct IP for truckercert.com is 198.154.243.158.

This domain’s (truckercert.com) SSL cert has been created and renewed automatically by Let's Encrypt through Bluehost for the past 2 years or so. I abandoned the domain usaarbiters.com over a year ago, but maybe someone just bought it, it resolves to a new IP, and maybe Let's Encrypt tried to renew the cert and got confused.

  1. Is there a way in WHM or cPanel to remove all old references to usaarbiters.com so that truckercert.com doesn’t have any link to that wrong IP?
  2. After solving #1 above, is there a way to force Let's Encrypt to re-issue a correct SSL cert through WHM or cPanel (or some other way)?

Any help will be greatly appreciated.

https – How to fix a rogue IP mapping in WHM or cPanel?

I woke up this morning and started getting emails from customers of my website truckercert.com that “the site is down”. But what actually happened is the SSL certificate quit working. The website runs on a Bluehost VPS and I have full (root) access to WHM and cPanel. I called Bluehost. The VPS tech support person was clueless both as to what caused it or how to fix it. She did, however, point out that there are some IP mismatches going on that could be at the root of the problem:

enter image description here

Notice how my domain resolves to two different IP addresses. This just started happening today. The wrong IP (204.11.56.48) now maps to an old domain I used to own (usaarbiters.com), and that domain also used to be the Primary Domain on my Bluehost account. So I guess it’s no shock that this problem caught up with me. The correct IP for truckercert.com is 198.154.243.158.

This domain’s (truckercert.com) SSL cert has been created and renewed automatically by Let's Encrypt through Bluehost for the past 2 years or so. I abandoned the domain usaarbiters.com over a year ago, but maybe someone just bought it, it resolves to a new IP, and maybe Let's Encrypt tried to renew the cert and got confused.

  1. Is there a way in WHM or cPanel to remove all old references to usaarbiters.com so that truckercert.com doesn’t have any link to that wrong IP?
  2. After solving #1 above, is there a way to force Let's Encrypt to re-issue a correct SSL cert through WHM or cPanel (or some other way)?

Any help will be greatly appreciated.

vpn – Use https interceptor (Charles proxy) while using mobile data (no WiFi)?

I’m trying to intercept https traffic from an app but for the app to generate the traffic I’m after, I need to be driving. This complicates things because I can’t be connected to Charles proxy if I’m not connected to WiFi, and I can’t be connected to WiFi if I’m driving.

My original idea was using a hotspot but I don’t pay for that in my data plan and also don’t know if that will work.

My second thought was running a VPN server on my Windows computer with Charles, exposing it to the web, connecting to it from my phone and then driving. Are there any glaring errors with this approach?

docker – Rewrite or Redirect NGINX HTTPS to APACHE HTTP

is it possible to rewrite or redirect NGINX HTTPS url to APACHE HTTP url from the front end request? My website is using Nginx web server, but all the others files is in storage server with Apache as it’s webserver. Whenever there are any request for files with certain format, it will rewrite to mydomain.com and it’s path. This configuration works with NGINX HTTP to APACHE HTTP, bu now, when it turn NGINX HTTPS, it’s not working. I couldn’t figure what’s are the issue here?

log_format main '$remote_addr - $remote_user ($time_local)  $status '
                '$ssl_protocol/$ssl_cipher '
                '"$request" $body_bytes_sent "$http_referer" '
                '"$http_user_agent" "$http_x_forwarded_for"';

access_log      /var/www/html/access.log main;
error_log       /var/www/html/error.log;

server {
                listen        443 ssl;
                server_name   www.example.com;

                ssl_certificate     /etc/ssl/certs/example.crt;
                ssl_certificate_key /etc/ssl/private/exacmple.key;

                root          /var/www/html;
                index         index.php index.html;

                location ~ (.*).pdf$ {
                     rewrite ^(.*)$ http://mydomain.xy$1 redirect;
                }

                location ~ "^/photos/(.*)" {
                     rewrite ^(.*)$ "http:/mydomain.xy$1" redirect;

                }

                location ~ (.*).xls$ {
                     rewrite ^(.*)$ http://mydomain.xy$1 redirect;
                }

                location ~ (.*).zip$ {
                     rewrite ^(.*)$ http://mydomain.xy$1 redirect;
                }

                location / {
                     try_files $uri $uri/ /index.php?$query_string;
                }

                location ~ .php$ {
                     proxy_pass http://127.0.0.1:8080;
                }

                location ~ /.ht {
                     deny all;
                }

 }

 server {
                listen      80;
                server_name www.example.com;
                return 301 https://$host$request_uri;
 }
  • The website is in k8s env meanwhile the storage is an external server, outside the kubernetes. All ports have been configured and open.

linux – Nginx docker HTTPS connection

nginx.conf:

user nginx;
worker_processes auto;

pid /tmp/nginx.pid;

# turn off daemon mode to be watched by supervisord
daemon off;

pcre_jit on;

error_log /var/log/nginx/error.log warn;

# events block defines the parameters that affect connection processing.
events {
    # Define the maximum number of simultaneous connections that can be opened by a worker process
    worker_connections  1024;
}

# SSL configuration
server {
   listen 443 ssl http2;
   listen (::):443 ssl http2;   
   server_name www.example.nl example.nl;
        ssl_certificate      /etc/letsencrypt/live/example.nl/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/example.nl/privkey.pem;
  
    # Improve HTTPS performance with session resumption
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;

    location / {
    try_files $uri @yourapplication;
    }
    
    location @yourapplication {
        include uwsgi_params;
        uwsgi_pass unix:///tmp/uwsgi.sock;
    }
}

uwsgi.ini

(uwsgi)
module = src.main
callable = app

uid = nginx
gid = nginx

socket = /tmp/uwsgi.sock
chown-socket = nginx:nginx
chmod-socket = 664

cheaper = 1
processes = %(%k + 1)

Dockerfile:

FROM python:3.9

RUN apt-get update
RUN apt-get install -y --no-install-recommends 
        libatlas-base-dev gfortran nginx supervisor

RUN pip3 install uwsgi

COPY ./requirements.txt /project/requirements.txt

RUN pip3 install -r /project/requirements.txt

RUN useradd --no-create-home nginx

RUN rm /etc/nginx/sites-enabled/default
RUN rm -r /root/.cache

COPY server-conf/nginx.conf /etc/nginx/
# COPY server-conf/flask-site-nginx.conf /etc/nginx/conf.d/
COPY server-conf/uwsgi.ini /etc/uwsgi/
COPY server-conf/supervisord.conf /etc/supervisor/

COPY src /project/src

WORKDIR /project

ENV PYTHONPATH "${PYTHONPATH}:/project/src"

CMD ("/usr/bin/supervisord")

docker-compose.yml

version: '3'
services:
  app:
    build: .
    ports:
     - "5000:80"
    volumes:
     - .:/project

Those are my files which should run my application on an HTTPS connection. I have an index.html file which I added manually and the rules I added manually which does work. But when I try to run my webapp on these settings it doesn’t work. When I go to my url with the port it says SSL PROTOCOL ERROR. Am I missing out on something?

I’ve been trying to get this work for the past 2-3 days. The HTTP did work before but I changed my nginx.conf to try and make it work with HTTPS but no success so far. I would appreciate any help!

rest – Are there any examples of an application layer protocol other than HTTP(S) following RESTful principles?

I was confused by the distinction between REST and HTTP, and I found this article that cleared things up for me. In summary, it explained that REST is a set of general principles for web communication, whereas HTTP is a specific application-layer internet protocol. The article pointed out that HTTP lends itself to following REST principles, but there are plenty of examples where applications violate REST while using HTTP.

Although I don’t think the article explicitly said it, I inferred that because REST is a style rather than a protocol, you could follow REST principles with any number of protocols other than HTTP.

However, I am not very familiar with any of the other application-layer protocols, so I don’t know whether any of them follow the principles of REST. And it is my impression that in everyday conversation, saying “a REST API” implies HTTP, because HTTP dominates the web.

Are there any examples of a protocol other than HTTP following REST principles?

Como comunicar Angular en S3 con Spring Boot corriendo en EC2. AWS HTTPS?

Tengo un sitio con angular alojado en S3, el cual consume una api que se encuentra corriendo en EC2 (Spring Boot) , todo funciona bien en HTTP.

Mi problema: Puse mi S3 detras de Cloudfrond para que mi sitio tenga un certificado SSL, al realizar esto angular dejo de comunicarse con mi API en EC2. (Contenido mixto, https realizando peticiones a hhtp).

Yo intente: Poner un balanceador de carga para mi EC2, para que reciva las peticiones de angular. No funciono.

Ayuda

tls – Relative security of using on https connection over http when the site does not have a cert implemented

A self signed SSL certificate is still a perfectly valid certificate. The correct question is: Do I want (as a client) to accept that certificate or not?

In other words, someone who wants to see that camera login page can simply accept the certificate.

If you want to play it safe, you should (1) block your cameras and (2) create a separate HTTP page which, for example, returns a timestamp. For example, in an index.php file:

<?php
echo date('U');

Then you can check that the clock is working as well (make sure the robot doesn’t cache the page either).