store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Thu Aug 22, 2019 10:22 pm

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 4 posts ] 
Author Message
 Post subject: ASL Firewall & E-Commerce Applications
Unread postPosted: Fri Apr 24, 2015 8:06 am 
Offline
Forum Regular
Forum Regular
User avatar

Joined: Mon Apr 14, 2008 8:29 am
Posts: 306
Location: Rhode Island
Hey guys hope someone can help me out, i have a couple clients that are moving over to PrestoShop for their e-commerce and having some strange things happening and i think it is ASL firewall related. Seems that prestoshops installer and the admin panel do a lot of outbound talking and downloading depending on the module back to prestoshop.

Because of this when trying to install some things are not getting updated and also once the installer is complete the frontend is real fast but the admin is wicked slow due to it waiting to timeout on certain functions when it is trying to get out.

How and what is the best way to allow 80 and 443 traffic outbound so that they will function as designed? as a side note i also have this issue with SugareCRM and the updater and Plesk and the license key updates so usually have to kill the asl-firewall when i want to run the updaters.

I just want to allow thinks to do what they are supposed to do but also not cause a security issue or risk if i can keep it limited. I did just try adding 80 & 443 to the Outbound TCP services setting in the asl config but not sure if this is the best way and not positive if these are even what ports yet they are trying to get out on.

thanks in advance.

_________________
James Nascimento
Chief Information Officer
East Commerce Solutions, Inc.
22 Morris Lane
East Providence, RI 02914
Ph. 800-527-5395 x263
Fax. 888-999-5891


Top
 Profile  
Reply with quote  
 Post subject: Re: ASL Firewall & E-Commerce Applications
Unread postPosted: Fri Apr 24, 2015 10:24 am 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Thu Dec 09, 2004 11:19 am
Posts: 2321
Could be DNS as well.

Or is could be similar to the annoying issue I'm seeing with Wordpress not being able to resolve or connect to downloads.wordpress.org or whatever it is more often than not, causing people to have to try scores of times before being able to download an update.

Now in my case I don't have outbound connections firewalled at all. Are you sure that you do? If you don't then it isn't likely to be anything to do with outbound and more likely something else entirely.

I take it that there's nothing shown in the ASL log for the hosted domain in question?

_________________
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>


Top
 Profile  
Reply with quote  
 Post subject: Re: ASL Firewall & E-Commerce Applications
Unread postPosted: Fri Apr 24, 2015 10:33 am 
Offline
Forum Regular
Forum Regular
User avatar

Joined: Mon Apr 14, 2008 8:29 am
Posts: 306
Location: Rhode Island
Faris,
Your correct it seems any type of crm or cms cannot get out and connect to anything, and there is nothing in the logs and i looked everywhere. DNS is not issue as i have done nslookups on all the respected links these crm and cms mention and they resolve fine.

If i do a service asl-firewall stop and try some of these admin features seems to work but i can't leave it like that.

_________________
James Nascimento
Chief Information Officer
East Commerce Solutions, Inc.
22 Morris Lane
East Providence, RI 02914
Ph. 800-527-5395 x263
Fax. 888-999-5891


Top
 Profile  
Reply with quote  
 Post subject: Re: ASL Firewall & E-Commerce Applications
Unread postPosted: Fri Apr 24, 2015 11:00 am 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Thu Dec 09, 2004 11:19 am
Posts: 2321
Domains resolve correctly for me too. Oddly, as soon as I've pinged, it SEEMS to become easier for the php script to access the download site. But this may be my imagination.

Anyway, if it seems to work with the firewall down then that surely must indicate a firewall or iptables/configuration issue

If you have ASL logging firewall drops, have you cross-checked the IPs that the domains in question resolve to, to see if they appear in the log? If not, maybe turning drop logging on in order to do so might help. (I have not done this - I have only just thought of it).

_________________
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group