[SOLVED] MTA-STS hosting

Discussion in 'Plugins/Modules/Addons' started by COLVIT, Jan 16, 2026.

  1. COLVIT

    COLVIT New Member

    Hi,

    I'm new to ISPConfig.
    I'm facing an issue: I want to host a mta-sts.domain.tld.
    Problem: mta-sts.txt is situated inside the .well-known folder, which is denied from access.
    Any idea on how to permit it?

    Regards.
     
  2. remkoh

    remkoh Well-Known Member HowtoForge Supporter

  3. COLVIT

    COLVIT New Member

    Hi,
    Thanks for your return.

    Can I add those directives directly into the configuration in ISP?

    Code:
    location ~ ^/\.well-known/mta-sts\.txt$ {
        try_files $uri $uri/ @mta-sts;
    }

    location @mta-sts {
        root /var/www/mta-sts/;
        rewrite /.well-known/mta-sts.txt /mta-sts.php break;
        try_files $uri $uri/ =404;
        include /etc/nginx/fastcgi_params;
        fastcgi_pass unix:/var/run/php/php-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_intercept_errors on;
    }
     
  4. remkoh

    remkoh Well-Known Member HowtoForge Supporter

    Yes that should work.

    Though you could also do it in a customized vhost in /usr/local/ispconfig/server/conf-custom/ so it's in every website automatically.

    If you've got a website in which you explicitly don't want it you can use directive:
    Code:
    location ~ ^/\.well-known/mta-sts\.txt$ { ##delete##
    
    location @mta-sts { ##delete##
    
    I'm doing it the easy way, with an include in a customized vhost as described on github.
     
    Last edited: Jan 16, 2026
    till likes this.
  5. remkoh

    remkoh Well-Known Member HowtoForge Supporter

    If you're interested in mta-sts you may also be interested in .well-known/security.txt?

    I've created something a bit similar to mta-sts, to deploy .well-known/security.txt serverwide to every website.
    Fully compatible with ispconfig and customers can overwrite it with their own security.txt on their own websites.

    https://forum.howtoforge.com/threads/server-wide-security-txt.90153/#post-457712
     
  6. COLVIT

    COLVIT New Member

    Hi,
    My problem is that I need an mta-sts.txt per domain: some may be in testing, others in enforced.

    With what you provide, unless I misunderstood, it's a global setting.
     
  7. COLVIT

    COLVIT New Member

    If I overwrite/add config in the vhost file, will it be overwritten when modifying the configuration from the panel or at an update?
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    If you want to overwrite the configuration of a specific vhost, use the Apache or Nginx directives of the website. If you like to override the config for all vhosts, create a custom vhost template in /usr/local/ispconfig/server/conf-custom/ folder. In both cases, changes will not be overwritten by ISPConfig.
     
  9. COLVIT

    COLVIT New Member

    Hi till,

    I would like to add some code like this to enable access to the file. But for now, I don't really know where to add it (I know I can add a modification to the nginx config, btw).

    Code:
    location ~ ^/\.well-known/mta-sts\.txt$ {
        try_files $uri $uri/ @mta-sts;
    }

    location @mta-sts {
        root /var/www/mta-sts/;
        rewrite /.well-known/mta-sts.txt /mta-sts.php break;
        try_files $uri $uri/ =404;
        include /etc/nginx/fastcgi_params;
        fastcgi_pass unix:/var/run/php/php-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_intercept_errors on;
    }
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    If you want to do it for one site, use the Nginx directives field on the options tab of the website. If you like to do it for all new and updated sites, copy the nginx vhost template from /usr/local/ispconfig/server/conf/ to /usr/local/ispconfig/server/conf-custom/ and change the copy in /usr/local/ispconfig/server/conf-custom/ to match your requirements.
     
  11. COLVIT

    COLVIT New Member

    Thanks for the guidance.

    Btw... sorry for being such a noob in ISPConfig :(

    Here is what I added. But still getting 403.
    upload_2026-1-19_16-52-4.png
     
  12. COLVIT

    COLVIT New Member

    Hi,

    I ended up adding this inside the Options section:
    Code:
    location = /.well-known/mta-sts.txt {
        auth_basic off;
        allow all;
        default_type text/plain;
        try_files $uri =404;
        break;
    }
    Thanks for your help!
     
    ahrasis, remkoh and till like this.
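
Added example, not part of any post in this thread: a Python check that judges a response for /.well-known/mta-sts.txt the way an RFC 8461 sender would, which is why the 403 discussed above matters (anything other than a plain 200 means no policy is retrieved). It goes beyond the thread by also validating the policy body (RFC 8461 modes are `enforce`, `testing` and `none`); the function names and the sample policy are constructed for illustration.

```python
# Added example: evaluate an HTTP response for /.well-known/mta-sts.txt
# as an RFC 8461 sender would. Names and sample data are constructed.
import re

MAX_AGE_LIMIT = 31557600  # RFC 8461 upper bound for max_age, in seconds
MODES = {"enforce", "testing", "none"}
MX_RE = re.compile(r"^(\*\.)?([a-z0-9-]+\.)+[a-z0-9-]+$", re.I)
# Constructed sample policy (CRLF line endings, as the RFC recommends)
SAMPLE_OK = "version: STSv1\r\nmode: testing\r\nmx: mail.example.com\r\nmax_age: 86400\r\n"


def parse_policy(body):
    """Return (policy dict, list of problems) for an mta-sts.txt body."""
    policy, problems = {"mx": []}, []
    for line in body.replace("\r\n", "\n").split("\n"):
        if not line.strip():
            continue
        key, sep, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if not sep:
            problems.append(f"not a 'key: value' line: {line!r}")
        elif key == "mx":  # the only field that may repeat
            policy["mx"].append(value)
            if not MX_RE.match(value):
                problems.append(f"bad mx pattern: {value!r}")
        elif key not in policy:  # duplicates: first occurrence wins
            policy[key] = value
    if policy.get("version") != "STSv1":
        problems.append("version must be STSv1")
    if policy.get("mode") not in MODES:
        problems.append(f"mode must be one of {sorted(MODES)}")
    elif policy["mode"] != "none" and not policy["mx"]:
        problems.append("enforce/testing policy needs at least one mx")
    age = policy.get("max_age", "")
    if not (re.fullmatch(r"[0-9]+", age) and int(age) <= MAX_AGE_LIMIT):
        problems.append(f"max_age must be an integer <= {MAX_AGE_LIMIT}")
    return policy, problems


def check_response(status, content_type, body):
    """Senders need a direct 200 with text/plain; redirects are not followed."""
    if status != 200:
        return [f"HTTP {status}: policy not retrievable"]
    problems = []
    if content_type.split(";")[0].strip().lower() != "text/plain":
        problems.append(f"Content-Type is {content_type!r}, expected text/plain")
    return problems + parse_policy(body)[1]
```

Feed it the status, Content-Type header and body obtained from an HTTPS request to each hosted mta-sts.domain.tld; an empty list means the policy is retrievable and well-formed.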