SSL down email ?? what is this?

I keep getting an email alert every so often:

Monitor on ns1.mydomain.com for ‘Website www.mydomain.com (SSL)’ has detected that the service has gone down at 01/Nov/2008 00:20

How can SSL go down and still work?

Anyone know why this is happening?

Thanks,
max

EDIT:
Just checked the log and it looks like a SSH dictionary attack. Can that shut down SSL?<br><br>Post edited by: max, at: 2008/11/01 21:47

Howdy,

Well, what’s likely happening is that at certain times throughout the day, while SSL is working fine, it might be taking long enough to respond that the process testing it thinks it’s down.

For some thoughts on that and ideas on how to correct it, take a look at this thread:

http://www.virtualmin.com/forums/help-home-for-newbies/website-service-keeps-going-up-and-down.html

It may be as simple as bumping up the timeout though.

Regarding the SSH attack – those are unfortunate, and seem to happen a lot these days. However, that wouldn’t effect the Apache/SSL stuff.
-Eric

Good to know SSL is not freaking out.

But now that I’v looked at my logs (should be doing this more I know) I am wondering if there is an easy way to ban IP’s that I see doing brute force attacks? I am definitely not into the linux FW, it is way to complicated.

Is there an easy/simple way to:

"block all ports if from this IP"
OR
"just totally reject the IP"

Like using a hatchet, not a scalpel, and no I am not voting for McCane.

It just sucks to see attacks going on as I write this and not be able to shut them off.

Thanks,
Max

Could not edit the post above…

Also is there a guide to tuning Virtualmin to run less heavy in memory/processes?

there is something like c2ban (not sure how it is called though)
However if the attacker is using dynamic IP then the next guy getting the IP is banned from your server and this goes on and on.

Personally I think it is better to use some firewall rules which can be found in this forum.

For memory issues, it is described in the manual… part of “low memory systems”
You can also limit the resources given to domains through VM (but I wouldn’t know what to fill in exactly)

link not working :frowning: still cant edit posts :frowning:
http://www.virtualmin.com/documentation/id,virtualmin_on_low_memory_systems/

Some folks use fail2ban and others use denyhosts. I don’t use any of them…just really strong passwords. There was some discussion of some pretty clever stateful firewall rules which I think I stickied. It seems slightly more elegant than log-based solutions.

Thanks for all of the replys. I like the simple stock solution of relying on strong passwords. Maybe my best bet is a password audit.

Those attacks just are eating up my resources and its irritating, but I guess its just accepted these days that brute force just happens.

Peace on earth, and may the best candOdate win…

Hey,

You wanna contact SSL providers on Live chat? They do offer live chat support for installation and many more. recently I purchased Rapid SSL $14 from rapidsslonline.com. They do offer best product and support. I had deal of 25 SSL cert with rapidsslonline.com. I believe they might help you… wanna try dude?

Kevin,

Cheap domain hosting provider…