0
  • 基于 debian 的 Linux 上的 Apache 2.2
  • # a2enmod ssl && service apache2 restart
  • 根据 SheildsUP,端口 443 已关闭!扫描,但不处于隐身模式
  • Apache 根据 80 和 443 端口监听netstat -nutlp
  • 在端口 80 和端口 443 上托管相同的网站
  • http://website.com有效,https: //website.com 无效

我的虚拟主机设置如下:

<VirtualHost *:443>
    SSLEngine               On
    SSLCertificateKeyFile   SSL_DIR/ssl.key
    SSLCertificateFile      SSL_DIR/ssl.crt
</VirtualHost>

<VirtualHost *:80 *:443>
    ServerAdmin     webmaster@localhost
    ServerAlias     website.com *.website.com
    ServerName      www.website.com

    # Just a few connection resets so that I don't waste my bandwidth on "hackers"
    SecRuleEngine On
    SecRule &REQUEST_HEADERS:User-Agent     "@eq 0"         drop,phase:1
    SecRule REQUEST_HEADERS:User-Agent      "^$"            drop,phase:1

    SecRule REQUEST_LINE                    "://"           drop,phase:1

    SecRule REQUEST_URI                     "^/admin"       drop,phase:1
    SecRule REQUEST_URI                     "^/mail"        drop,phase:1
    SecRule REQUEST_URI                     "^/webmail"     drop,phase:1

    DocumentRoot /path/public_html
    <Directory /path/public_html/>
            Options FollowSymLinks MultiViews
            Order allow,deny
            allow from all
    </Directory>
</VirtualHost>

当我注册我的 SSL 证书时,我也得到了 2 个.pem文件,但找不到任何关于如何处理它们的信息。

我的问题是,为什么 SSL 不起作用?和.pem文件有关系吗?

4

1 回答 1

2

首先,你必须启用 ssl

sudo a2enmod ssl

并且您必须包含您的 pem 文件(迷你示例)

<VirtualHost *:443>
        SSLEngine               On
        SSLCertificateKeyFile   SSL_DIR/ssl.key
        SSLCertificateFile      SSL_DIR/ssl.crt

        ServerAdmin     webmaster@localhost
        ServerAlias     website.com *.website.com
        ServerName      www.website.com

        # Just a few connection resets so that I don't waste my bandwidth on "hackers"
        SecRuleEngine On
        SecRule &REQUEST_HEADERS:User-Agent     "@eq 0"         drop,phase:1
        SecRule REQUEST_HEADERS:User-Agent      "^$"            drop,phase:1

        SecRule REQUEST_LINE                    "://"           drop,phase:1

        SecRule REQUEST_URI                     "^/admin"       drop,phase:1
        SecRule REQUEST_URI                     "^/mail"        drop,phase:1
        SecRule REQUEST_URI                     "^/webmail"     drop,phase:1

        DocumentRoot /path/public_html
        <Directory /path/public_html/>
                Options FollowSymLinks MultiViews
                Order allow,deny
                allow from all
        </Directory>
    </VirtualHost>

    <VirtualHost *:80>
        ServerAdmin     webmaster@localhost
        ServerAlias     website.com *.website.com
        ServerName      www.website.com

        # Just a few connection resets so that I don't waste my bandwidth on "hackers"
        SecRuleEngine On
        SecRule &REQUEST_HEADERS:User-Agent     "@eq 0"         drop,phase:1
        SecRule REQUEST_HEADERS:User-Agent      "^$"            drop,phase:1

        SecRule REQUEST_LINE                    "://"           drop,phase:1

        SecRule REQUEST_URI                     "^/admin"       drop,phase:1
        SecRule REQUEST_URI                     "^/mail"        drop,phase:1
        SecRule REQUEST_URI                     "^/webmail"     drop,phase:1

        DocumentRoot /path/public_html
        <Directory /path/public_html/>
                Options FollowSymLinks MultiViews
                Order allow,deny
                allow from all
        </Directory>
    </VirtualHost>
于 2013-05-19T23:38:52.717 回答