On 30 May 2025 at 19:49, Tim via users wrote:
Subject: Re: How to setup certs for https access for Fedora
42?
To: noloa...@gmail.com, Community support for
Fedora users
<users@lists.fedoraproject.org>
Date sent: Fri, 30 May 2025 19:49:29 +0930
Send reply to: Community support for Fedora users
<users@lists.fedoraproject.org>
From: Tim via users <users@lists.fedoraproject.org>
Copies to: Tim <ignored_mail...@yahoo.com.au>
> On Thu, 2025-05-29 at 20:05 -0400, Jeffrey Walton wrote:
> > Also see
> > <https://docs.fedoraproject.org/en-US/fedora-server/services/httpd-basic-setup/>
> > and the section, "Configure a Virtual Host for the domain".
>
> When following such instructions, you have to be careful about the
> choice of where you put virtually hosted sites. If you do decide to
> make sub-directories inside /var/www/html (as some advocate, and is
> mentioned in that linked page) you have to make sure that nobody
> connecting to the IP of the server can simply append the filepath used
> by the site to the IP address, and bypass any security restrictions.
>
First thanks for the info. Don't have anything critical on system.
Just the /var/www/html with about 8 simple web pages. Map ports
80 and 443 to that machine. So, just provides links to info from the
Public data of my old College Staffing Pattern and the sister
Univercity down street. Both put the data in PDF files that are hard
to get data from. Pull data via pdf2txt and put it into Mariadb that
is like to web pages for sorting. Also, do similar to staffing pattern
info they update every 3 months. Been doing it going back to 2004.
https://setzco.dyndns.org/GCCHTML.html is primary page. Did just
tweak it to push http to https. So, seems to work fine. Seen some
browsers do that on own, and some even force to https. Mostly
spreadsheet links and simple php to the mariadb databases. So, no
other data. Notice your noreply address ended with an au. I'm from
Guam (close to au). Currently, in NV. Mom just passed away. last
year.
> My advice is never do it. *Always* do virtual hosts outside of
> /var/www/html. Hackers will try to find things, make it impossible for
> them.
>
Agree. Had hackers always probing the College public IPs. Had 4
servers in my building with public IPs, but then 8 computer labs
with private networks behind them each lab with own network.
> My public server's logs has long lists of hacking attempts that will
> fail because what they're looking for doesn't exist. But obviously it
> does exist for other webservers. Years ago it was commonly FrontPage
> weaknesses they targeted, recently it's WordPress. Neither of which I
> use. Just about all of those content management systems have flaws,
> and you need to keep on top of updates on a daily matter. And people
> install them and configure them in dumb ways too (such us making
> everything world readable and writeable).
Thanks again. Just do it more out of habit. Use to be vice chare of
union, so found the data in a usuable format interesting.
Have a great day.
>
> --
>
> uname -rsvp
> Linux 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
> (yes, this is the output from uname for this PC when I posted)
>
> Boilerplate: All unexpected mail to my mailbox is automatically deleted.
> I will only get to see the messages that are posted to the mailing list.
>
>
> --
> _______________________________________________
> users mailing list -- users@lists.fedoraproject.org
> To unsubscribe send an email to users-le...@lists.fedoraproject.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
> Do not reply to spam, report it:
> https://pagure.io/fedora-infrastructure/new_issue
+------------------------------------------------------------+
Michael D. Setzer II - Computer Science Instructor (Retired)
mailto:mi...@guam.net
mailto:msetze...@gmail.com
mailto:msetze...@gmx.com
Guam - Where America's Day Begins
G4L Disk Imaging Project maintainer
http://sourceforge.net/projects/g4l/
+------------------------------------------------------------+
--
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
