Hi, I have been asked by my employer to remove the port number from the ISPC 3.1 admin URL but I am currently stumped as editing Apache 2.4 on Debian 9.7, I tried mod_rewrite but it didn't work. all edits to the Vhost crashed Apache so I have rolled it back to backup so it now works using the default url:8080 Any advise would be appreciated! Regards, Shaun
1) Change the port 8080 to 443 in the ispconfig.vhost file. 2) Remove the listen directive fpr port 8080. 3) Add a ServerName directive in the ispconfig vhost for the domain/subdomain that you want to use to access ispconfig in future.
There are 2 ways to go about that, either configure the ispconfig vhost with a servername on port 443, or leave ispconfig on port 8080 and add a vhost for port 443 which proxies the connection to 8080. To do the former try: Code: sed -i -e '/^\s*Listen/d' -e '/^\s*NameVirtualHost/d' -e 's/8080/443/g' -e "/ServerAdmin/a\\ ServerName `hostname -f`\\ IncludeOptional conf-available/ispconfig-*.conf" /etc/apache2/sites-available/ispconfig.vhost service apache2 restart That will change the live vhost configuration, but you also need to make that change to a conf-custom file so it is upgrade safe: Code: wget -O /usr/local/ispconfig/server/conf-custom/apache_ispconfig.vhost.master https://git.ispconfig.org/ispconfig/ispconfig3/raw/stable-3.1/install/tpl/apache_ispconfig.vhost.master sed -i -e "/ServerAdmin/a\\ ServerName `hostname -f`\\ IncludeOptional conf-available/ispconfig-*.conf" /usr/local/ispconfig/server/conf-custom/apache_ispconfig.vhost.master Note that you'll need to manually check for changes in the apache_ispconfig.vhost.master file every time you upgrade to see if you need to change your own conf-custom version, as ISPConfig does not currently have a way to track/compare those and notify you during upgrades. Usually (though not always) there aren't changes for 3rd level upgrades like 3.1.13 -> 3.1.14, but when 3.2 comes out you almost certainly will need to manually upgrade your conf-custom copy as well.
And please do what Jesse suggested about the conf-custom thing. Forgot to mention how you can make your change update safe
Could you please explain the second option: leave ispconfig on port 8080 and add a vhost for port 443 which proxies the connection to 8080.
create a website in ispconfig to be used for control panel acccess (or subdomain vhost) ie.. assuming your control panel server is named server1.mydomain.com and you want to allow control panel access on the url https://mypanel.mydomain.com create the website mypanel.mydomain.com in ispconfig (along with relevant dns entries, redirecting http to https, and applying a certificate to the website... ie the standard stuff the should be done on all websites) then once done, open the options tab for the website settings and in the apache directives area add: Code: RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} SSLProxyEngine on SSLProxyCheckPeerCN Off SSLProxyCheckPeerName Off RequestHeader set Front-End-Https "On" ProxyPreserveHost On ProxyRequests Off ProxyPass /.well-known/ ! ProxyPass / https://server1.mydomain.com:8080/ ProxyPassReverse / https://server1.mydomain.com:8080/ <Proxy *> Order deny,allow Allow from all </Proxy>
