Alpha Software Mobile Development Tools:   Alpha Anywhere    |   Alpha TransForm subscribe to our YouTube Channel  Follow Us on LinkedIn  Follow Us on Twitter  Follow Us on Facebook

Announcement

Collapse

The Alpha Software Forum Participation Guidelines

The Alpha Software Forum is a free forum created for Alpha Software Developer Community to ask for help, exchange ideas, and share solutions. Alpha Software strives to create an environment where all members of the community can feel safe to participate. In order to ensure the Alpha Software Forum is a place where all feel welcome, forum participants are expected to behave as follows:
  • Be professional in your conduct
  • Be kind to others
  • Be constructive when giving feedback
  • Be open to new ideas and suggestions
  • Stay on topic


Be sure all comments and threads you post are respectful. Posts that contain any of the following content will be considered a violation of your agreement as a member of the Alpha Software Forum Community and will be moderated:
  • Spam.
  • Vulgar language.
  • Quotes from private conversations without permission, including pricing and other sales related discussions.
  • Personal attacks, insults, or subtle put-downs.
  • Harassment, bullying, threatening, mocking, shaming, or deriding anyone.
  • Sexist, racist, homophobic, transphobic, ableist, or otherwise discriminatory jokes and language.
  • Sexually explicit or violent material, links, or language.
  • Pirated, hacked, or copyright-infringing material.
  • Encouraging of others to engage in the above behaviors.


If a thread or post is found to contain any of the content outlined above, a moderator may choose to take one of the following actions:
  • Remove the Post or Thread - the content is removed from the forum.
  • Place the User in Moderation - all posts and new threads must be approved by a moderator before they are posted.
  • Temporarily Ban the User - user is banned from forum for a period of time.
  • Permanently Ban the User - user is permanently banned from the forum.


Moderators may also rename posts and threads if they are too generic or do not property reflect the content.

Moderators may move threads if they have been posted in the incorrect forum.

Threads/Posts questioning specific moderator decisions or actions (such as "why was a user banned?") are not allowed and will be removed.

The owners of Alpha Software Corporation (Forum Owner) reserve the right to remove, edit, move, or close any thread for any reason; or ban any forum member without notice, reason, or explanation.

Community members are encouraged to click the "Report Post" icon in the lower left of a given post if they feel the post is in violation of the rules. This will alert the Moderators to take a look.

Alpha Software Corporation may amend the guidelines from time to time and may also vary the procedures it sets out where appropriate in a particular case. Your agreement to comply with the guidelines will be deemed agreement to any changes to it.



Bonus TIPS for Successful Posting

Try a Search First
It is highly recommended that a Search be done on your topic before posting, as many questions have been answered in prior posts. As with any search engine, the shorter the search term, the more "hits" will be returned, but the more specific the search term is, the greater the relevance of those "hits". Searching for "table" might well return every message on the board while "tablesum" would greatly restrict the number of messages returned.

When you do post
First, make sure you are posting your question in the correct forum. For example, if you post an issue regarding Desktop applications on the Mobile & Browser Applications board , not only will your question not be seen by the appropriate audience, it may also be removed or relocated.

The more detail you provide about your problem or question, the more likely someone is to understand your request and be able to help. A sample database with a minimum of records (and its support files, zipped together) will make it much easier to diagnose issues with your application. Screen shots of error messages are especially helpful.

When explaining how to reproduce your problem, please be as detailed as possible. Describe every step, click-by-click and keypress-by-keypress. Otherwise when others try to duplicate your problem, they may do something slightly different and end up with different results.

A note about attachments
You may only attach one file to each message. Attachment file size is limited to 2MB. If you need to include several files, you may do so by zipping them into a single archive.

If you forgot to attach your files to your post, please do NOT create a new thread. Instead, reply to your original message and attach the file there.

When attaching screen shots, it is best to attach an image file (.BMP, .JPG, .GIF, .PNG, etc.) or a zip file of several images, as opposed to a Word document containing the screen shots. Because Word documents are prone to viruses, many message board users will not open your Word file, therefore limiting their ability to help you.

Similarly, if you are uploading a zipped archive, you should simply create a .ZIP file and not a self-extracting .EXE as many users will not run your EXE file.
See more
See less

SSL intermediate certificate

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    SSL intermediate certificate

    I have recently set up a new HTTPS website and installed the SSL certificate.
    However, the instructions from the provider state:

    If you need to, you can also download the current (SHA-2) intermediate certificates at the following links.....
    This link takes me to a download of a *.pem file. Is this a "Certified Chain File"? On the Application Server, the "Certified Chain File" does not look for a *.pem file.

    I got SSL working without specifying a "Certified Chain File", but maybe I have compromised the security? This is all unchartered waters for me, so any feedback will be much appreciated.
    Last edited by Garry Flanigan; 10-13-2021, 10:55 PM.

    #2
    The major problem with application server (in production server) is that it can not in practise handle Dos attacs. So if this kind of scenario is a problem then you need to have some kind of reverse proxy in front of your application server. Cloudflare is one alternative. With Cloudflare you can also use their SSL and and at same time you get rock solid security for your server. And Cloureflare also gives tools to hide your real IP which is a good bonus but this is a little difficult because application server does not support multisite feature (blank site for ip).

    Comment


      #3
      Originally posted by Garry Flanigan View Post
      This link takes me to a download of a *.pem file. Is this a "Certified Chain File"? On the Application Server, the "Certified Chain File" does not look for a *.pem file.

      I got SSL working without specifying a "Certified Chain File", but maybe I have compromised the security? This is all unchartered waters for me, so any feedback will be much appreciated.
      PEM Is the correct format for the certificate chain file used in the Alpha Anywhere Application Server. The Application Server Settings UI will filter for .crt files as this is the most common extension for PEM files. You can either change the file dialog to show all files, or you can rename the file that you downloaded to have a .crt extension.

      Your server will still be able to use the certificate without the chain file, but some clients may have trouble validating the certificate and could display warnings that the site is insecure.

      Lenny Forziati
      Vice President, Internet Products and Technical Services
      Alpha Software Corporation

      Comment


        #4
        Originally posted by kkfin View Post
        The major problem with application server (in production server) is that it can not in practise handle Dos attacs. So if this kind of scenario is a problem then you need to have some kind of reverse proxy in front of your application server. Cloudflare is one alternative. With Cloudflare you can also use their SSL and and at same time you get rock solid security for your server. And Cloureflare also gives tools to hide your real IP which is a good bonus but this is a little difficult because application server does not support multisite feature (blank site for ip).
        Ken, even when using something along the lines of Cloudflare, it is important to have TLS/SSL properly configured on your Application Server. Without it, communication between Cloudflare and your Application Server would be clear text sent across the public Internet.

        Lenny Forziati
        Vice President, Internet Products and Technical Services
        Alpha Software Corporation

        Comment


          #5
          Originally posted by Lenny Forziati View Post

          Ken, even when using something along the lines of Cloudflare, it is important to have TLS/SSL properly configured on your Application Server. Without it, communication between Cloudflare and your Application Server would be clear text sent across the public Internet.
          Yes you are right. Cloudflare will give a free SSL certificate to use with application server. This will ssl traffic between Cloudflare and application server.

          Kenneth

          Comment


            #6
            Thanks Lenny, I left it as PEM and all seems ok. Maybe Sarah can update the documentation including information about file extensions and your observations?

            Comment


              #7
              I came to help but see its already handled. I will toss in that you don't have to create your Certificate Signing Request directly on the Alpha server. I use https://csrgenerator.com/ which is a bit easier.
              Steve Wood
              See my profile on IADN

              Comment


                #8
                Originally posted by kkfin View Post
                The major problem with application server (in production server) is that it can not in practise handle Dos attacs. So if this kind of scenario is a problem then you need to have some kind of reverse proxy in front of your application server. Cloudflare is one alternative. With Cloudflare you can also use their SSL and and at same time you get rock solid security for your server. And Cloureflare also gives tools to hide your real IP which is a good bonus but this is a little difficult because application server does not support multisite feature (blank site for ip).

                Add cloudflare to your Domain DNS and it will handle dos attacks :)

                Comment


                  #9
                  Originally posted by TheDevilIsMe View Post


                  Add cloudflare to your Domain DNS and it will handle dos attacks :)
                  I do not understand how this will protect your IP from direct hit. Maybe you can explain how this protect your IP from direct access.

                  Kenneth

                  Comment


                    #10
                    Originally posted by kkfin View Post

                    I do not understand how this will protect your IP from direct hit. Maybe you can explain how this protect your IP from direct access.

                    Kenneth
                    Well as far as I understand
                    it’s like you are publishing your site to 100 location over the world
                    and so when someone visit your website he will go to nearest published version of your website
                    that would increase speed and lower latency on browsing.
                    Also they will encrypt your site information that will make it hard for attackers to steal information
                    For dos attack protection details you may read here from their website https://www.cloudflare.com/ddos/.

                    Last edited by TheDevilIsMe; 10-19-2021, 02:29 AM.

                    Comment


                      #11
                      Originally posted by TheDevilIsMe View Post

                      Well as far as I understand
                      it’s like you are publishing your site to 100 location over the world
                      and so when someone visit your website he will go to nearest published version of your website
                      that would increase speed and lower latency on browsing.
                      Also they will encrypt your site information that will make it hard for attackers to steal information
                      For dos attack protection details you may read here from their website https://www.cloudflare.com/ddos/.
                      I have used CloudFlare with Alphas Application server about four years so I know how it works and how to configure it and protect from ddos.

                      But you are writing about CloudFlare CDN here. It is different case. What comes to CDN you still have the original problem. How to protect your own server.

                      I do not think you can use CDN with Alphas application server especially if your priority is running an application not static web pages.

                      Kenneth

                      Comment


                        #12
                        Originally posted by kkfin View Post

                        I have used CloudFlare with Alphas Application server about four years so I know how it works and how to configure it and protect from ddos.

                        But you are writing about CloudFlare CDN here. It is different case. What comes to CDN you still have the original problem. How to protect your own server.

                        I do not think you can use CDN with Alphas application server especially if your priority is running an application not static web pages.

                        Kenneth
                        I know that cloudflare will provide SSL to encrypt data over your website , but as for the server being public ip , this is matter of network stuff , for me I am using untangle which filter users requests & redirect requests from IP's of users to my server , so my server actually is behind the firewall and the firewall will not allow DDOS attack to get into my server.

                        What you have to do is getting 2 Servers , one have public ip act as firewall and the other server will be alpha public internal ip not public.
                        and so when someone request the firewall it will forward it based on requested port number which is 80 for http and so you will be able to manage loads of stuff within your firewall configration.

                        Untangle is free of cost but have paid addOns .
                        It's nice stuff you can try it
                        click here

                        And thanks for sharing this valuable information .
                        Last edited by TheDevilIsMe; 10-19-2021, 05:36 AM.

                        Comment


                          #13
                          Originally posted by TheDevilIsMe View Post
                          I know that cloudflare will provide SSL to encrypt data over your website , but as for the server being public ip , this is matter of network stuff , for me I am using untangle which filter users requests & redirect requests from IP's of users to my server , so my server actually is behind the firewall and the firewall will not allow DDOS attack to get into my server.

                          What you have to do is getting 2 Servers , one have public ip act as firewall and the other server will be alpha public internal ip not public.
                          and so when someone request the firewall it will forward it based on requested port number which is 80 for http and so you will be able to manage loads of stuff within your firewall configration.

                          Untangle is free of cost but have paid addOns .
                          It's nice stuff you can try it
                          click here

                          And thanks for sharing this valuable information .
                          No thanks for untangle. I already have three firewalls and one reversy proxy. That is enough to me to.

                          Have you tested untagle is compatibe with Alphas security and sessions and ajax requests?

                          Kenneth

                          Comment


                            #14
                            Originally posted by kkfin View Post

                            No thanks for untangle. I already have three firewalls and one reversy proxy. That is enough to me to.

                            Have you tested untagle is compatibe with Alphas security and sessions and ajax requests?

                            Kenneth
                            I didn't test it a lot with alpha because for me it's waste of time.
                            All I can say that you cannot secure anything online.
                            That's a fact I learned out of my own experience.

                            Comment


                              #15
                              Originally posted by kkfin View Post

                              No thanks for untangle. I already have three firewalls and one reversy proxy. That is enough to me to.

                              Have you tested untagle is compatibe with Alphas security and sessions and ajax requests?

                              Kenneth
                              what firewall your using for alpha ?
                              I used to have 40gates , juniper , cisco ..

                              Comment

                              Working...
                              X