Re: Question on ZoneAlarm vs. a single server hosting multiple websites
- From: "johnNOSPAMPLEASETHANKSqtampa" <johnqNOSPAMPLEASETHANKYOUVERYMUCHflorida@xxxxxxxxx>
- Date: Mon, 17 Jul 2006 18:25:29 GMT
Thanks for the reply...
Let me rephrase my question: It's not that I'm trying to protect the Server
with a personal firewall, it's that I'm trying to troubleshoot how the
firewall behaves, from the perspective of an end user who might be trying to
access our sites.
This particular item seemed like a missing ingredient in the firewall, since
it doesn't seem to be capable of handling a user who visits two different
sites hosted on the same server.
What we have encountered as personal firewalls proliferate, we get more and
more tech support calls from people using our sites having "session expired"
problems. In the good old days, you walked callers through the process of
making sure their browser is set to accept cookies, and the problem was
solved. Nowadays, with personal firewalls, ad-blockers, spyware preventers,
privacy protectors, internet security suites, and even some pop-up blockers,
we're stuck with telling a small percentage of callers, "Go use a different
computer", because some piece of software on their computers is intercepting
the cookie and preventing the user from getting into our site.
<die.spam@xxxxxxxxxxx> wrote in message
news:1153113603.615439.29740@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
johnNOSPAMPLEASETHANKSqtampa wrote:
I came across something interesting, and wanted to ask people who
probably
know more than I do...
We have a number of websites hosted on one IIS server, running via
Hostheaders (as in, more than one website on the same server, therefore,
the
same IP address). For testing purposes, I have a PC running EZ-Firwall
5.1.039.004 (which I believe is just rebaded ZoneAlarm pro) on a Windows
XP
Pro machine.
The FIRST site accessed running on a given server works fine.
The second site running on that same server, if 3rd party cookies are
being
blocked, will have it's cookies blocked. I know that because the Site
List
on the Privacy tab shows the sitename of the first site only. (This also
happens across sessions).
In other words, somewhere in Zonealarm, it's remembering the domain name
of
the first site, associating it with the IP, and assuming any other site
coming along won't have the same IP... Except in the case of multiple
sites
on one server (therefore one IP) won't work, except for the very first
one
accessed. (ZoneAlarm Pro v5, session and persistent cookies allowed, 3rd
party, web bugs, and private header info blocked).
Any opinions on this theory, from people more versed in ZA? And is there
a
way around it?
Hi,
Not a user of E-Trust, however I do know its a personal firewall and it
doesnt have the features you will need for a shared webhost. If you are
leasing webspace you should have a better firewall in place than a 30$
personal firewall, there are plenty of options out there, if you want
to really amp up the security chuck an old server in behind the router
and install linux with iptables or ipcop.
Flamer.
.
- Follow-Ups:
- Re: Question on ZoneAlarm vs. a single server hosting multiple websites
- From: Volker Birk
- Re: Question on ZoneAlarm vs. a single server hosting multiple websites
- References:
- Question on ZoneAlarm vs. a single server hosting multiple websites
- From: johnNOSPAMPLEASETHANKSqtampa
- Re: Question on ZoneAlarm vs. a single server hosting multiple websites
- From: flamer die.spam@xxxxxxxxxxx
- Question on ZoneAlarm vs. a single server hosting multiple websites
- Prev by Date: VPN Connection checklist
- Next by Date: Re: Question on ZoneAlarm vs. a single server hosting multiple websites
- Previous by thread: Re: Question on ZoneAlarm vs. a single server hosting multiple websites
- Next by thread: Re: Question on ZoneAlarm vs. a single server hosting multiple websites
- Index(es):
Relevant Pages
|
