Modifications for on-prem ISPConfig

Discussion in 'Installation/Configuration' started by Kveldulv, Jun 2, 2024.

  1. Kveldulv

    Kveldulv New Member

    Hi,
    I've been hosting websites with ISPConfig for years from within our own little DC at our company. For technical reasons we're changing ISP this month and there will no longer be a static IP and all ports under 1024 will be blocked.
    So I've set up a new VPS in the cloud with ISPConfig and everything has been migrated. So far so good.

    But we have 2 websites that we'd like to keep onsite. So they're left on the old server on-prem. They're for private use only so it's ok that they're not running on port 80/443.
    I know I can change the ports on the vhost, but won't they be overwritten when ISPConfig upgrades? And what about new websites if I ever need any? I'd like to have them by default on let's say 2080/2443.

    What would need to be changed to keep LetsEncrypt going on those ports?

    And is there an easy way to get geo-blocking on ISPConfig?

    Thanks
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Copy the file /usr/local/ispconfig/server/conf/vhost.conf.master to /usr/local/ispconfig/server/conf-custom/vhost.conf.master

    Then change the line:

    Code:
    <VirtualHost {tmpl_var name='ip_address'}:{tmpl_var name='port'}>
    to

    Code:
    <tmpl_if name='port' op="==" value="443">
    <VirtualHost {tmpl_var name='ip_address'}:2443>
    <tmpl_else>
    <VirtualHost {tmpl_var name='ip_address'}:2080>
    </tmpl_if>
    
    ISPConfig uses Let's Encrypt with HTTP auth and Let's Encrypt will not issue a SSL cert if it can't reach your server on port 80 in that mode.

    You can't do that from within ISPConfig. You will have to set it up manually.
     
    ahrasis likes this.
  3. Kveldulv

    Kveldulv New Member

    Ok thanks!
     

Share This Page