1. Home
  2. Networking Firewalls
  3. Question on ZoneAlarm vs. a single server hosting multiple websites

Question on ZoneAlarm vs. a single server hosting multiple websites

I came across something interesting, and wanted to ask people who probably know more than I do...

We have a number of websites hosted on one IIS server, running via Hostheaders (as in, more than one website on the same server, therefore, the same IP address). For testing purposes, I have a PC running EZ-Firwall

5.1.039.004 (which I believe is just rebaded ZoneAlarm pro) on a Windows XP Pro machine.

The FIRST site accessed running on a given server works fine.

The second site running on that same server, if 3rd party cookies are being blocked, will have it's cookies blocked. I know that because the Site List on the Privacy tab shows the sitename of the first site only. (This also happens across sessions).

In other words, somewhere in Zonealarm, it's remembering the domain name of the first site, associating it with the IP, and assuming any other site coming along won't have the same IP... Except in the case of multiple sites on one server (therefore one IP) won't work, except for the very first one accessed. (ZoneAlarm Pro v5, session and persistent cookies allowed, 3rd party, web bugs, and private header info blocked).

Any opinions on this theory, from people more versed in ZA? And is there a way around it?

Reply to
johnNOSPAMPLEASETHANKSqtampa
Loading thread data ...

Hi,

Not a user of E-Trust, however I do know its a personal firewall and it doesnt have the features you will need for a shared webhost. If you are leasing webspace you should have a better firewall in place than a 30$ personal firewall, there are plenty of options out there, if you want to really amp up the security chuck an old server in behind the router and install linux with iptables or ipcop.

Flamer.

Reply to
die.spam

Thanks for the reply...

Let me rephrase my question: It's not that I'm trying to protect the Server with a personal firewall, it's that I'm trying to troubleshoot how the firewall behaves, from the perspective of an end user who might be trying to access our sites.

This particular item seemed like a missing ingredient in the firewall, since it doesn't seem to be capable of handling a user who visits two different sites hosted on the same server.

What we have encountered as personal firewalls proliferate, we get more and more tech support calls from people using our sites having "session expired" problems. In the good old days, you walked callers through the process of making sure their browser is set to accept cookies, and the problem was solved. Nowadays, with personal firewalls, ad-blockers, spyware preventers, privacy protectors, internet security suites, and even some pop-up blockers, we're stuck with telling a small percentage of callers, "Go use a different computer", because some piece of software on their computers is intercepting the cookie and preventing the user from getting into our site.

Reply to
johnNOSPAMPLEASETHANKSqtampa

Sincere condolences. It's really catastrophic, what "Personal Firewalls" are doing to the users, and therefore to the web-site owners, too.

Yes. Usually, all those tools only destroy the network functionality.

Yours, VB.

Reply to
Volker Birk

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.