Results 1 to 9 of 9

Thread: How do I allow localhost:8080 to create a cookie?

  1. #1
    davidf Guest

    Default How do I allow localhost:8080 to create a cookie?

    I am running a MoinMoin Wiki on Apache using localhost:8080. ZoneAlarm Security Suite version 7.0.470.000 will not allow the Wiki to set a session cookie. It works fine if I turn off ZoneAlarm. I can allow localhost but not localhost:8080. Privacy Advisor says it is blocking cookies from the site.

    How do I set the configuration to allow cookies from localhost:8080?

    Operating System:Windows XP Pro
    Software Version:7.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: How do I allow localhost:8080 to create a cookie?

    Enter the 127.0.0.1 IP into the Privacy of the ZA and allow all cookies.

    The 127.0.0.1 has to be entered as Trusted in the Zones of the Firewall.

    The apache server listed in the ZA program list must be allowed the Trusted server.

    Set the Trusted Zone SEeurity slider to Low or Medium, not the High setting.

    Allow Trusted servers in the Advanced of the Firewall.

    Oldsod.
    Best regards.
    oldsod

  3. #3
    davidf Guest

    Default Re: How do I allow localhost:8080 to create a cookie?

    Oldsod,

    I am not sure what you mean by "Allow Trusted servers in the Advanced of the Firewall" Could you please clarify.

    Thanks, David

  4. #4
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: How do I allow localhost:8080 to create a cookie?

    Open the ZA, open the Firewall's Main panel, click the Advanced button, and uncheck the "Block Trusted Servers".
    Oldsod.
    Best regards.
    oldsod

  5. #5
    davidf Guest

    Default Re: How do I allow localhost:8080 to create a cookie?

    I have done all you suggest and the cookie is still being blocked. When I click on the login button in my browser the ZoneAlarm Privacy Advisor pops up and tells me "Privacy has Blocked Cookies". When I "Click here for details" I am shown the 127.0.0.1 entry in Privacy with all its check marks green.

  6. #6
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: How do I allow localhost:8080 to create a cookie?

    Right click the localhost (or loopback) address in the Privacy and open the Options.
    Uncheck anything that could possiblely beblocking anything.

    Also try adding something like "file://localhost/C:/*folder and file location of the software server being used*" to the Privacy and see if that helps.

    Again make sure the server application(s) has both trusted access and trusted server in the program listings of the ZA. (along with the internet access and internet server, of course).

    Check the logs in the ZA Log viewer of the Alerts and Logs for any blocked events concerning the server application.

    Oldsod.
    Best regards.
    oldsod

  7. #7
    davidf Guest

    Default Re: How do I allow localhost:8080 to create a cookie?


    <blockquote><hr>Oldsod wrote:
    Right click the localhost (or loopback) address in the Privacy and open the Options.
    Uncheck anything that could possiblely beblocking anything.

    Also try adding something like &quot;file://localhost/C:/*folder and file location of the software server being used*&quot; to the Privacy and see if that helps.

    Again make sure the server application(s) has both trusted access and trusted server in the program listings of the ZA. (along with the internet access and internet server, of course).

    Check the logs in the ZA Log viewer of the Alerts and Logs for any blocked events concerning the server application.

    Oldsod.
    <hr></blockquote>


    I have given all possible permissions to both localhost and to 127.0.0.1 in Privacy. I tried to add localhost:8080 but ZoneAlarm will not accept the url. It says it cannot find the host.

    I tried to add the full file url for the Apache httpd.exe but it would not take it.

    I see nothing in the logs.

    Ihave given the Apache executable full permissions in Programs.

    Is it possible that ZoneAlarm is having problems with custom settings for a non-standard port?

  8. #8
    davidf Guest

    Default Re: How do I allow localhost:8080 to create a cookie?

    I believe ZoneAlarm is having a problem with localhost:8080

    I reconfigured my Apache web server to listen on 192.168.1.103:8080 (my local IP Address on my LAN) instead of 127.0.0.1:8080 and the cookies are not blocked. If I listen on both IP addresses ZoneAlarm blocks cookies from localhost but not from my local IP. It also allows cookies from localhost:80, the standard http port on localhost.

    I also note that I cannot add 127.0.0.1:8080 to sites in Privacy nor do I see a way to set permissions for a specific high port.

  9. #9
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: How do I allow localhost:8080 to create a cookie?

    Port 8080 is one of the standard proxy ports, so this should not be a problem.

    Right click the apache server listed in the ZA program list.
    Open the Options.
    Open the Expert.

    First rule:
    log and no alert
    name whatever - localhost(?)
    Source: 127.0.0.1 and My Computer
    Destination: 127.0.0.1, 0.0.0.0 and My Computer
    Protocol: Any TCP/UDP

    If the apache is doing any name lookups, then add this rule:
    log and no alert
    name whatever - dns (?)
    Source: My Computer and the IPs of the DNS (s)
    Destination: My Computer and the IPs of the DNS (s)
    Protocol:
    1). first rule - tcp/udp any source port outgoing to the destination port of 53
    2).second rule - udp from the source port 53 to any destination port

    Gateway rule
    log and no alert
    name whatever - gateway (?)
    Source: My Computer and the IP with the MAC of the router/gateway (gateway option is seen in the options)
    Destination: My Computer and the IP with the MAC of the router/gateway (gateway option is seen in the options)
    Protocol: the minimum needed is the dhcp and dhcp clients for both source and destination, but I would also include bradcast and what ever ports are opened in the router/gateway for the apache server.

    If the gateway is accepting pings and other icmp for the incoming attempts for the apache server, then add this rule:
    log and no alert
    name whatever - icmp(?)
    Source: My computer and Trusted and internet Zones
    Destination: My computer and Trusted and internet Zones
    Protocol: ICMP
    (note the icmp can be modified in the Custom of the Firewall or in the expert of the firewall - allow icmp pings type 8 and 0 both outgoing and incoming, and allow the tracert icmp type 11 both outgoing and incoming, and allow internet address is unreachable icmp type 3 both outgoing and incoming. Depending on your needs or uses for the apache server.You may need more icmp to be added or less directions - all depending on your situation).

    Finally a rule for the actual traffic - depends again what this is used for - a ftp or a http server.
    Should be obvious for the Source and Destination - both should include the My Computer and the Internet Zone.
    Protocol, for example ofthe http, is allow 1-5000 source to destination tcp 80 for the http and again source port 80 to destination of 1-5000.

    Not a complete breakdown of the needed rules, but a good start.

    Oldsod.
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •