WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.
Course Of The Month
4 days, 16 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Why can't I get a directory listing when I use HTTPS?
Posted on 2014-12-29
Hi all,
I've just successfully installed an SSL certificate on my server (I get no reboot errors when I restart apache2 server and also when I type in the URL with the https I can see the green lock symbol which I can click and see corresponds to my certificate).
The problem is that when I use the https protocol I get an error:
https://www.mifujiclark.co
When I use the http protocol I get the right page:
http://www.mifujiclark.com
What am I doing wrong here?
thanks in advance.
P.S. Here is my site's conf file from the apache2 sites enabled folder:
I've just successfully installed an SSL certificate on my server (I get no reboot errors when I restart apache2 server and also when I type in the URL with the https I can see the green lock symbol which I can click and see corresponds to my certificate).
The problem is that when I use the https protocol I get an error:
https://www.mifujiclark.co
Forbidden
You don't have permission to access / on this server.
When I use the http protocol I get the right page:
http://www.mifujiclark.com
What am I doing wrong here?
thanks in advance.
P.S. Here is my site's conf file from the apache2 sites enabled folder:
# domain: mifujiclark.com
# public: /home/myfolder/public/mifujiclark.com/public
<VirtualHost *:443>
SSLEngine On
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
SSLCertificateFile /PATH_TO_APACHE_FOLDER/ssl/mifujiclark.com.crt
SSLCertificateKeyFile /PATH_TO_APACHE_FOLDER/ssl/mifujiclark.com.key
SSLCertificateChainFile /PATH_TO_APACHE_FOLDER/ssl/sub.class1.server.ca.pem
# Admin email, Server Name (domain name), and any aliases
ServerAdmin info@ookami.it
ServerName www.mifujiclark.com
ServerAlias mifujiclark.com
# Index file and Document Root (where the public files are located)
DirectoryIndex index.html index.htm index.php
DocumentRoot /home/myfolder/public/mifujiclark.com/public
# Log file locations
LogLevel warn
ErrorLog /home/myfolder/public/mifujiclark.com/log/error.log
CustomLog /home/myfolder/public/mifujiclark.com/log/ssl_request.log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
TransferLog /home/myfolder/public/mifujiclark.com/log/access.log
</VirtualHost>
<VirtualHost *:80>
# Admin email, Server Name (domain name), and any aliases
ServerAdmin info@ookami.it
ServerName www.mifujiclark.com
ServerAlias mifujiclark.com
# Index file and Document Root (where the public files are located)
DirectoryIndex index.html index.htm index.php
DocumentRoot /home/myfolder/public/mifujiclark.com/public
# Log file locations
LogLevel warn
ErrorLog /home/myfolder/public/mifujiclark.com/log/error.log
CustomLog /home/myfolder/public/mifujiclark.com/log/access.log combined
</VirtualHost>
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
4
6 Comments
Here are the three logs:
ACCESS.LOG
ERROR.LOG
SSL_REQUEST.LOG
ACCESS.LOG
90.14.76.165 - - [30/Dec/2014:03:06:56 +0000] "GET / HTTP/1.1" 403 202
90.14.76.165 - - [30/Dec/2014:03:06:56 +0000] "GET /favicon.ico HTTP/1.1" 403 213
ERROR.LOG
[Tue Dec 30 03:06:56.610993 2014] [authz_core:error] [pid 22773] [client 90.14.76.165:57228] AH01630: client denied by server configuration: /home/myfolder/public/mifujiclark.com/public/
[Tue Dec 30 03:06:56.697159 2014] [authz_core:error] [pid 22773] [client 90.14.76.165:57228] AH01630: client denied by server configuration: /home/myfolder/public/mifujiclark.com/public/favicon.ico
SSL_REQUEST.LOG
[30/Dec/2014:03:06:56 +0000] 90.14.76.165 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET / HTTP/1.1" 202
[30/Dec/2014:03:06:56 +0000] 90.14.76.165 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /favicon.ico HTTP/1.1" 213
Hi,
thanks for the reply. I use Apache2 on Ubuntu. I don't see a httpd-ssl.conf.
I see a default-ssl.conf file. Do I need to add something to it?
If so could you please help me with the syntax?
Also the default-ssl.conf file at the moment I see it only in the sites-available folder and not in the sites-enabled folder.
Do I need to make a shortcut to it there?
thanks in advance
thanks for the reply. I use Apache2 on Ubuntu. I don't see a httpd-ssl.conf.
I see a default-ssl.conf file. Do I need to add something to it?
If so could you please help me with the syntax?
Also the default-ssl.conf file at the moment I see it only in the sites-available folder and not in the sites-enabled folder.
Do I need to make a shortcut to it there?
thanks in advance
I solved it myself by adding:
ExpiresActive on
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType image/x-icon "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType application/x-javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
<Directory /home/myfolder/public/mifu
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
Allow from all
Require all granted
</Directory>
ExpiresActive on
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType image/x-icon "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType application/x-javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
<Directory /home/myfolder/public/mifu
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
Allow from all
Require all granted
</Directory>
Featured Post
Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat. The purpose of this eBook is to educate the reader about ransomware attacks.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
You ever wonder how to backup Linux system files just like Windows System Restore? Well you can use Timeshift in Linux to perform those similar action. This tutorial will show you how to backup your system files and keep regular intervals.
Note…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn several ways to interact with files and get file information from the bash shell.
ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month4 days, 16 hours left to enroll
688 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.