[Owasp-infrastructure] OCMS - current status as of 2011-05-09

Mark Bristow mark.bristow at owasp.org
Tue May 10 08:30:24 EDT 2011


Good luck on your surgery!  Hope you get it all fixed up.

Just for everyone's SA, the application actually runs off the root directory
/events is just one of the modules (there is also /registration, /accounts,
/admin) with more modules planed for later in development.  It appears
however that Matt's mod-rewrite redirects for all of these paths so we are
good to go.

Larry, let me know when you get the wildcard cert in and I'll move the
production system over to the new site and redirect ocms.owasptools.org ->


On Mon, May 9, 2011 at 11:28 PM, Matt Tesauro <matt.tesauro at owasp.org>wrote:

> Larry & Mark,
> Here's what I've done this evening:
>    1. Set the hostname to ocms.owasp.org permanently
>    2. Moved /etc/apache2/conf.d/ocms.owasp.org to
>    /etc/apache2/sites-available so that our setup will follow Debian Apache
>    conventions
>    3. Enabled SSL for ocms.owasp.org (using IP-based virtual host)
>       1. Moved configuration details of ocms.owasp.org to
>       ssl-ocms.owasp.org under /etc/apache2/sites-available
>       2. Enables ssl-ocms.owasp.org site ( with # a2ensite
>       ssl-ocms.owasp.org)
>       3. Gutted ocms.owasp.org to only rewrite any request to SSL
>    4. Setup an account for Larry to add the wildcard cert to the server
> Notes
>    - Currently, the site uses a default self-signed certificate
>    - All the Apache SSL configuration directives are in the
>    file /etc/apache2/sites-available/ssl-ocms.owasp.org
>    - Currently, no syntax errors exist in the Apache conf and no warning
>    are issued on a restart/reload
>    - Mod_rewrite will forward requests with a path so
>    http://ocms.owasp.org/events will be redirected to
>    https://ocms.owasp.org/events
>    - I will email Larry directly with his username.  I verified his
>    account has sudo privs.
> I think that is it.
> Reminder:  I'm having knee surgery tomorrow and will be out (for sure) all
> day tomorrow and slowing getting back to normal-ish over the next week.
> Cheers!
> --
> -- Matt Tesauro
> OWASP Board Member
> OWASP WTE Project Lead
> http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
> http://AppSecLive.org - Community and Download site

Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-infrastructure/attachments/20110510/db6c0af9/attachment.html 

More information about the Owasp-infrastructure mailing list