Proxies allowed?

[karath]

Are proxies allowed or not? I don't like using free hosts CPU's, especially friendly ones.

[Ashoat]

As long as you don't make it huge or commercial, I guess. We monitor CPU usage, so if yours goes too high we'll have to ask you to shutdown the proxy.

[karath]

As long as you don't make it huge or commercial, I guess. We monitor CPU usage, so if yours goes too high we'll have to ask you to shutdown the proxy.

 

 

Okay thanks and cheers... it won't be commercial nor huge... just a small one promises...

[joemama718]

I'm trying to install a proxy as well, and so far the script is working. To support SSL, however, the directions say to install OpenSSL as well as Net::SSLeay. From the cPanel, it appears Net::SSLeay is already installed. Being unfamiliar with perl modules or anything related to it (I installed the proxy with simple directions), I have two questions:

 

1. Is OpenSSL installed?

2. If not, is it even possible for me to install OpenSSL?

3. If yes, how can I install it?

 

I've searched around, and all the sites say to do things at a Unix prompt...which I don't think I can do since my stuff is being hosted.

 

edit//

um...nm...I went to cPanel, Perl Modules, typed in OpenSSL...and apparently it's installed. but I realized that wasn't the program - sites like Orkut won't let me log in because it's not through a secure proxy. I think that means it has to be through https:// , right? Is there any way to do that?

[Ashoat]

1. Yes.

In response to the edit: you'll need SSL access. What proxy software are you using anyway? You can only install proxy SCRIPTS, like CGIProxy or PHProxy. No fancy proxy software - it's gotta work through the web.

[joemama718]

Yeah I have CGIProxy installed i found it at http://www.jmarshall.com/tools/cgiproxy/ . What exactly does that mean, I'll need SSL access? >< Sorry I'm really unexperienced in this area.

[andy]

I think there are two different issues here.

 

There will be two different connections, one from the users PC to the proxy, and one from the proxy to the end website.

 

If you want SSL enabled for both parts.

 

I'm not sure if you can access pages on shared hosting over SSH. Apache needs the host header to decide who's site is being displayed but SSL needs to serve the certificate prior to knowing who's site is being used.

 

If shared SSL connections are supported on the virtual hosting it is likely your users will see a domain mismatch message, unless heliohost uses a wildcard SSL certificate.

 

The proxy itself also needs to understand SSL to make the connection to the end point.

 

For that it needs:

OpenSSL

Net::SSLeay

 

I would be very suprised if openSSL was not already on the server. It may not be accessable though.

 

According to cpanel Net:SSLeay is installed system wide so that shouldn't be a problem.

 

However I can't see anyway you can setup SSL for connecting to your site.

 

You can probably get your proxy to connect to SSL sites but it would be horribly insecure as it's sending the last bit unprotected.

 

I seem to remeber being told that (inbound) SSL on shared hosts is normally not available as it requires each shared host to have it's own static IP so that Apache can determine which SSL cert it needs to serve.

 

You might want to ask djbob:

1. can SSL connections be established to accounts on heliohost (i.e. does https://yourname.heliohost.org work, or be made to work)

2. Are outbound connects to port 443 permitted by the firewalls

 

 

It might be better to keep it all in one topic, if the answers are dotted around all over the place tings could become confusing.

 

 

[joemama718]

oh. well I think I installed OpenSSL...

 

Method: Perl Expect
Fetching CPAN timestamp...Done
Testing connection speed...(this could take a while)...Done
Ping:20.843 Testing connection speed to mirrors.kernel.org using pureperl...(105466.67 bytes/s)...Done
Ping:29.612 Testing connection speed to cpan.hostrack.net using pureperl...(62940.00 bytes/s)...Done
Ping:22.072 Testing connection speed to cpan-sj.viaverio.com using pureperl...(52383.33 bytes/s)...Done
Three usable mirrors located
Three usable mirrors located
Mirror Check passed for mirrors.kernel.org (/index.html)
CPAN: File::HomeDir loaded ok (v0.65)
CPAN: Storable loaded ok (v2.16)
Going to read /home/jaymaa/.cpan/Metadata
  Database was generated on Sat, 16 Jun 2007 20:10:18 GMT
CPAN: LWP::UserAgent loaded ok (v2.033)
CPAN: Time::HiRes loaded ok (v1.9707)
Fetching with LWP:
  http://mirrors.kernel.org/cpan/authors/01mailrc.txt.gz
CPAN: YAML loaded ok (v0.62)
Going to read /home/jaymaa/.cpan/sources/authors/01mailrc.txt.gz
............................................................................DONE
Fetching with LWP:
  http://mirrors.kernel.org/cpan/modules/02packages.details.txt.gz
Going to read /home/jaymaa/.cpan/sources/modules/02packages.details.txt.gz
  Database was generated on Sun, 17 Jun 2007 22:09:46 GMT
............................................................................DONE
Fetching with LWP:
  http://mirrors.kernel.org/cpan/modules/03modlist.data.gz
Going to read /home/jaymaa/.cpan/sources/modules/03modlist.data.gz
............................................................................DONE
Going to write /home/jaymaa/.cpan/Metadata
OpenSSL is up to date (0.09).
perlmod--Install done

 

and I'm basically wondering if https:// can be made to work.

[karath]

Try downloading from www.proxybuilder.com instead. It offers simpler proxies.

[joemama718]

I downloaded it...and they're using the same exact script. =X

[Ashoat]

Why do you need https:// to work? Most proxies don't use secure connections. If you really want it I guess I could enable the SSL manager for your specific account. But personally I don't see a need.

[joemama718]

well, for example, when I try to access Orkut it won't allow me.

 

edit//

and it would be SO appreciated if you did.

[Ashoat]

What software are you using for your proxy and what method does it use to download webpages? If you are using a proxy that is written in PHP and it utilizes cURL for downloading webpages, it should work with SSL as the HelioHost server has cURL w/ SSL support enabled, and compiled in PHP. I'm not very experienced in whatever CGIProxy uses (I assume Perl? I know only a little Perl), so I'm not sure what methods it supports and and which one CGIProxy utilizes. The problem may very well be a software limitation.

Basically, if you want me to install a package on the server or enable something, please tell me. Otherwise, you'll need to figure that out before you ask me to help, as I really don't know what this situation requires.

[joemama718]

Ah I think the error was generated by my browser. When I try to go to https://jaymaa.heliohost.org/ I get an error saying "jaymaa.heliohost.org has sent an incorrect or unexpected message. Error Code -12263" Upon searching this on Google, a reference page on the Mozilla webpage (I'm using Firefox) says: "This generally indicates that the remote peer system has a flawed implementation of SSL, and is violating the SSL specification."

 

I really don't know any Perl either...but does the above help at all in figuring out what's wrong? Basically I just need to have https:// work.

 

I appreciate the help greatly...

[Ashoat]

Why do you need https:// to work...? What is your reason?