Hits on my apache server ALL using port 443?

Forum Moderators: phranque

Message Too Old, No Replies

Hits on my apache server ALL using port 443?

Why the use of the SSL port?

jrfoleyjr

1:41 am on Jul 28, 2011 (gmt 0)

My apache server has been quite active and I like to keep an eye on various things of its operation. So I loaded tcpview to see what is happening from that perspective. I discovered that nearly everyone is using port 443 to hit my server. I looked in the apache httpd.conf and sure enough, mod_ssl is turned on. I don't need it because my site has no ads or any pay options here. Port 80 is open and one or two visitors turn up using it too.

I don't have a secure site certificate posted.

The section about mod_ssl in the apache config was just something that I looked at but didn't consider one way or the other when I set up the server, until now.

Question: Why would so many visitors be using the SSL port, or is there something else that I am missing? Is there a port 443 exploit of some sort?

inbound

5:22 am on Jul 30, 2011 (gmt 0)

I'd start by looking at whether legitimate sources of traffic are sending visitors to https; if there's a glitch with how your site is indexed by search engines you at least know one thing - but that still leaves you the issue of finding out why search engines thing https is correct. Sometimes an authoritative inbound link can get engines requesting the "wrong" URL (and if your site serves content from that "wrong" URL you're in all sorts of search engine trouble. Looking into "canonical" issues may help. Remember that a secure connection that is untrusted will drive people away.

If outside sources are sending people to http then you know that there's something in your server setup. If there's no need for SSL then I'd shut that avenue off.