[Owasp-infrastructure] OCMS - current status as of 2011-05-09

Mark Bristow mark.bristow at owasp.org
Tue May 10 10:58:39 EDT 2011


Thanks Larry.  I'll move the database tonight.

On Tue, May 10, 2011 at 9:41 AM, Laurence Casey <
larry.casey at aspectsecurity.com> wrote:

> The certificate has been installed. All looks good.
>
>
>
>
>
> --Larry
>
>
>
> *From:* owasp-infrastructure-bounces at lists.owasp.org [mailto:
> owasp-infrastructure-bounces at lists.owasp.org] *On Behalf Of *Mark Bristow
> *Sent:* Tuesday, May 10, 2011 8:30 AM
> *To:* Matt Tesauro
> *Cc:* owasp-infrastructure; Laurence Casey
> *Subject:* Re: [Owasp-infrastructure] OCMS - current status as of
> 2011-05-09
>
>
>
> Matt,
>
> Good luck on your surgery!  Hope you get it all fixed up.
>
> Just for everyone's SA, the application actually runs off the root
> directory /events is just one of the modules (there is also /registration,
> /accounts, /admin) with more modules planed for later in development.  It
> appears however that Matt's mod-rewrite redirects for all of these paths so
> we are good to go.
>
> Larry, let me know when you get the wildcard cert in and I'll move the
> production system over to the new site and redirect ocms.owasptools.org ->
> ocms.owasp.org.
>
> Thanks,
> -Mark
>
> On Mon, May 9, 2011 at 11:28 PM, Matt Tesauro <matt.tesauro at owasp.org>
> wrote:
>
> Larry & Mark,
>
>
>
> Here's what I've done this evening:
>
>    1. Set the hostname to ocms.owasp.org permanently
>    2. Moved /etc/apache2/conf.d/ocms.owasp.org to
>    /etc/apache2/sites-available so that our setup will follow Debian Apache
>    conventions
>    3. Enabled SSL for ocms.owasp.org (using IP-based virtual host)
>
>
>    1. Moved configuration details of ocms.owasp.org to ssl-ocms.owasp.orgunder /etc/apache2/sites-available
>       2. Enables ssl-ocms.owasp.org site ( with # a2ensite
>       ssl-ocms.owasp.org)
>       3. Gutted ocms.owasp.org to only rewrite any request to SSL
>
>
>    1. Setup an account for Larry to add the wildcard cert to the server
>
> Notes
>
>    - Currently, the site uses a default self-signed certificate
>    - All the Apache SSL configuration directives are in the
>    file /etc/apache2/sites-available/ssl-ocms.owasp.org
>    - Currently, no syntax errors exist in the Apache conf and no warning
>    are issued on a restart/reload
>    - Mod_rewrite will forward requests with a path so
>    http://ocms.owasp.org/events will be redirected to
>    https://ocms.owasp.org/events
>    - I will email Larry directly with his username.  I verified his
>    account has sudo privs.
>
> I think that is it.
>
>
>
> Reminder:  I'm having knee surgery tomorrow and will be out (for sure) all
> day tomorrow and slowing getting back to normal-ish over the next week.
>
>
>
> Cheers!
>
>
> --
> -- Matt Tesauro
> OWASP Board Member
> OWASP WTE Project Lead
> http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
> http://AppSecLive.org - Community and Download site
>
>
>
>
> --
> Mark Bristow
> (703) 596-5175
> mark.bristow at owasp.org
>
> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
> AppSec DC Organizer - https://www.appsecdc.org
>



-- 
Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-infrastructure/attachments/20110510/042d5bf6/attachment.html 


More information about the Owasp-infrastructure mailing list