Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 4159 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to Create working HTTPS WAF Rule

Mark_D

Hi All

I'm trying to create a HTTPS WAF rule to a HTTPS web Server.

I have a couple of HTTP rules working fine.

If I enter the deatils for this site as HTTP all works fine.

When I create the HTTPS rule I import the cert from the server (The domain name comes up correctly). I enter all the deatails for HTTPS. The green Light comes ON.

Any advise

Thanks

I get the below error logs

Starting failed
2018:08:12-12:29:14 fa httpd[26751]: Restarting gracefully
2018:08:12-12:29:14 fa httpd[26755]: Not running
2018:08:12-12:29:14 fa httpd[26759]: Starting
2018:08:12-12:29:14 fa httpd[26763]: [Sun Aug 12 12:29:14.193305 2018] [core:warn] [pid 26765:tid 4148147904] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
2018:08:12-12:29:14 fa httpd[26763]: [Sun Aug 12 12:29:14.193345 2018] [core:warn] [pid 26765:tid 4148147904] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
2018:08:12-12:29:14 fa httpd[26763]: [Sun Aug 12 12:29:14.193572 2018] [core:warn] [pid 26765:tid 4148147904] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
2018:08:12-12:29:14 fa httpd[26763]: [Sun Aug 12 12:29:14.193579 2018] [core:warn] [pid 26765:tid 4148147904] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
2018:08:12-12:29:14 fa httpd[26763]: AH00112: Warning: DocumentRoot [/var/www/REF_RevFroMembersoce] does not exist
2018:08:12-12:29:14 fa httpd[26763]: AH00112: Warning: DocumentRoot [/var/www/REF_RevFroOsCrm] does not exist
2018:08:12-12:29:14 fa httpd[26763]: AH00112: Warning: DocumentRoot [/var/www/REF_RevFroRtm] does not exist
2018:08:12-12:29:14 fa httpd[26763]: Syntax OK
2018:08:12-12:29:14 fa httpd[26771]: [Sun Aug 12 12:29:14.310518 2018] [core:warn] [pid 26773:tid 4147873472] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
2018:08:12-12:29:14 fa httpd[26771]: [Sun Aug 12 12:29:14.310555 2018] [core:warn] [pid 26773:tid 4147873472] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
2018:08:12-12:29:14 fa httpd[26771]: [Sun Aug 12 12:29:14.310738 2018] [core:warn] [pid 26773:tid 4147873472] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
2018:08:12-12:29:14 fa httpd[26771]: [Sun Aug 12 12:29:14.310742 2018] [core:warn] [pid 26773:tid 4147873472] AH00111: Config variable ${URLHardening_HTTP_Hostname} is not defined
2018:08:12-12:29:14 fa httpd[26771]: AH00112: Warning: DocumentRoot [/var/www/REF_RevFroMembersoce] does not exist
2018:08:12-12:29:14 fa httpd[26771]: AH00112: Warning: DocumentRoot [/var/www/REF_RevFroOsCrm] does not exist
2018:08:12-12:29:14 fa httpd[26771]: AH00112: Warning: DocumentRoot [/var/www/REF_RevFroRtm] does not exist
2018:08:12-12:29:14 fa httpd[26771]: (98)Address already in use: AH00072: make_sock: could not bind to address xxx.xxx.xxx.xxx:443(external IP of NIC)
2018:08:12-12:29:14 fa httpd[26771]: no listening sockets available, shutting down
2018:08:12-12:29:14 fa httpd[26771]: AH00015: Unable to open logs
2018:08:12-12:29:14 fa httpd[26777]: Sending start signal failed
2018:08:12-12:29:14 fa httpd[26780]: Starting failed


This thread was automatically locked due to age.
  • 0

    Mark, please show us pictures of the Edits of the Real Server, Virtual Server, Firewall Profile and the relevant Site Path route.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi Bob

    Thanks for the reply

    Testing since 2003

    SG 310 home use

    Retired with Cancer

    Can be contacted for those bits too hard for anybody else.

    Plan to travel remote Australia to raise awareness of prostate cancer.

    Have you had your PSA level checked lately.

    Enjoy live you never know what is around the corner.

    Cheers

    Mark

  • 0 in reply to Mark_D

    With the 3x Http WAF sites that are configured all works fine.

    But if I disable the rtm http and turn on the rtm htpps I get the error messages.

    I hope this makes sense.

    This Firewall has 1x external (WAN) interface.

    17x RED devices

    User Portal is on at port 4447 listen any IP

    But SSL VPN is Using 443

    Changed SSL VPN to another Port now working

    WHY the F don't they give you a message or warning or note in the docs.

    What a f'ing trap.

     

    Thanks BOB

    hope all is well in your world.

    Cheers

    Mark

    Testing since 2003

    SG 310 home use

    Retired with Cancer

    Can be contacted for those bits too hard for anybody else.

    Plan to travel remote Australia to raise awareness of prostate cancer.

    Have you had your PSA level checked lately.

    Enjoy live you never know what is around the corner.

    Cheers

    Mark

Unfiltered HTML