Control Web Panel

WebPanel => CentOS 6 Problems => Topic started by: randyproxz on April 09, 2019, 04:15:54 AM

Title: All CWP panel force to using SSL
Post by: randyproxz on April 09, 2019, 04:15:54 AM: My cwp panel has been down because its redirect to using SSL. All port from 2030 redirect to 2031.

And after login it will automatically logout because "invalid session"

What happen to cwp?
Title: Re: All CWP panel force to using SSL
Post by: studio4host on April 09, 2019, 11:11:12 AM: why do you even use HTTP for root login, this is highly insecure and you should use HTTPS over your hostname.

Also, this is http to https redirect so it has no anything with the sessions, it can be related to only that you have multiple windows in the same browser open with the different sessions id.
Title: Re: All CWP panel force to using SSL
Post by: guille791 on April 09, 2019, 03:14:04 PM: Hi, I have the some problem. Please help. How do disabled force all url to secure port ssl?
Title: Re: All CWP panel force to using SSL
Post by: randyproxz on April 09, 2019, 06:23:18 PM: Quote from: guille791 on April 09, 2019, 03:14:04 PM
Hi, I have the some problem. Please help. How do disabled force all url to secure port ssl?

You can't disabled or modify anything in CWP. It's useless.
The next any CWP update will erase your all configuration on your server.

So, I suggest you follow all the rules.
Because the only CWP's team has rules to modify your server or CWP config.
Title: Re: All CWP panel force to using SSL
Post by: studio4host on April 09, 2019, 08:42:52 PM: It's simple config, but it's not recommended to disable it as https is now standard and all important logins are moving to https

admin
/usr/local/cwpsrv/conf/cwpsrv.conf

user
/usr/local/cwpsrv/conf.d/users.conf

comment line with return 301 to disable redirect
Title: Re: All CWP panel force to using SSL
Post by: guille791 on April 09, 2019, 11:07:26 PM: Thank. Resolved.
Title: Re: All CWP panel force to using SSL
Post by: regatcwp on April 10, 2019, 01:08:28 AM: Please don't force to redirect http to https. Users should choose to use http or https.
Title: Re: All CWP panel force to using SSL
Post by: randyproxz on April 10, 2019, 03:47:17 AM: Quote from: studio4host on April 09, 2019, 11:11:12 AM
why do you even use HTTP for root login, this is highly insecure and you should use HTTPS over your hostname.

Also, this is http to https redirect so it has no anything with the sessions, it can be related to only that you have multiple windows in the same browser open with the different sessions id.

Just convince us if all must be force to SSL, auto renew SSL for hostname must be run perfectly.
Because there are some cases on my server auto renew SSL does not work even it has been configured and checked "auto renovation" as active.
Title: Re: All CWP panel force to using SSL
Post by: Charles on April 13, 2019, 10:27:41 AM: Hey can u pls tell me the effects if someone force http to https...I mean i have heard it alot but dont know what happens...Can u pls explain.Thanks
Title: Re: All CWP panel force to using SSL
Post by: Charles on April 15, 2019, 09:11:19 AM: Quote from: Charles on April 13, 2019, 10:27:41 AM
Hey can u pls tell me the effects if someone force http to https...I mean i have heard it alot but dont know what happens...Can u pls explain.Thanks
What happened ?Waiting for your answer.As i really want to know about it..I hope u will reply soon on MyCCPay (https://www.myccpay.net/)
Title: Re: All CWP panel force to using SSL
Post by: Igor S. on April 18, 2019, 05:56:46 AM: hi, the login and password you use will be encrypted if used httpS
If you use http they will be sent to the server as plain text.
;)