You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Himanshu Soni <hi...@pk3i.com> on 2003/06/13 20:03:39 UTC
[users@httpd] Opening ports other than 80/443 on apache
Hi
Our website has certain web forms that requires SSL with client
authentication turned on. These forms use the POST method due to size
limitations with the GET method. Most of the other stuff does not
require SSL with client authentication turned on. Due to problems with
apache+mod_ssl as documented here:
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12355, POST's are
failing.
To get around this problem, I recommended to my sysadmin that we use
another port that is dedicated to web forms that require SSL with client
authentication. However my sysadmin told me that most corporate
firewalls restrict inbound and outbound HTTP(s) traffic on ports other
than 80/443. Before I blindly trust what the sysadmin says, I wanted to
get opinion from people on this list on whether its reasonable to expect
ports other than 80/443 to be blocked for both inbound and outbound
traffic.
Thanx
Himanshu Soni
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Opening ports other than 80/443 on apache
Posted by Miguel González Castaños <mg...@tid.es>.
Well, In my corporate actually 80/443 are the only outbound ports we are
allowed to connect to.
HTH
Miguel
Himanshu Soni ha escrito:
> Hi
>
> Our website has certain web forms that requires SSL with client
> authentication turned on. These forms use the POST method due to size
> limitations with the GET method. Most of the other stuff does not
> require SSL with client authentication turned on. Due to problems with
> apache+mod_ssl as documented here:
> http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12355, POST's are
> failing.
>
> To get around this problem, I recommended to my sysadmin that we use
> another port that is dedicated to web forms that require SSL with client
> authentication. However my sysadmin told me that most corporate
> firewalls restrict inbound and outbound HTTP(s) traffic on ports other
> than 80/443. Before I blindly trust what the sysadmin says, I wanted to
> get opinion from people on this list on whether its reasonable to expect
> ports other than 80/443 to be blocked for both inbound and outbound
> traffic.
>
> Thanx
>
> Himanshu Soni
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org