By default, the control panel runs through the in-built web-server ihttpd. The web-interface URL:
https://<server IP address>:1500/mgrName
You can configure a URL to open a control panel by the domain name.
There are two ways:
- Configure ihttpd;
- Configure nginx + ihttpd.
Configuring ihttpd
If you do not plan to use any third-party web applications on your server, change the web-server ports to 80 and 443, e.g.:
listen {
ip <адрес>
port 443
redirect
}
listen {
ip <адрес>
port 80
redirect
}
This configuration allows ihttpd to accept connections on 80 and 443 ports. The redirect will be set from port 80 to port 443.
After you have modified the configuration file, restart the service:
service ihttpd restart
COREmanager will open by https://10.10.10.10 per default. To change this, create the file /usr/local/mgr5/bin/index that contains "mgrName", so the control panel will open by https://10.10.10.10.
Redirect the A record to the corresponding IP address (10.10.10.10) to open a control panel by the domain name.
Configuring Nginx + ihttpd
Install Nginx if ISPmanager is already installed on the server. To do so, go to the Settings → Features → Web-server (WWW) → Edit.
In ISPmanager Business, this web-server is installed by default.
If ISPmanager isn't installed on your server, install Nginx manually:
yum install nginx
apt-get install nginx
Nginx settings
The following records will be added into the Nginx configuration file /etc/nginx/nginx.conf:
server {
listen 10.10.10.10:443;
server_name my.domain.com;
ssl on;
ssl_certificate /usr/local/mgr5/etc/manager.crt;
ssl_certificate_key /usr/local/mgr5/etc/manager.key;
set $mgr_proxy "https://10.10.10.10:1500";
location ^~ /manimg/ {
alias /usr/local/mgr5/skins/;
}
location / {
proxy_pass $mgr_proxy;
proxy_redirect $mgr_proxy /;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Secret mary123;
chunked_transfer_encoding off;
}
location ^~ /mancgi/ {
proxy_pass $mgr_proxy;
proxy_redirect $mgr_proxy /;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Secret mary123;
chunked_transfer_encoding off;
}
}
ForwardedSecret — if Nginx is set up, this is a combination of letters and digits constituting a key that is used for checking authentication from certain IP addresses. It helps protect from invalid login attempts.
Check that the secret phrase from the Nginx configuration file (the directive proxy_set_header X-Forwarded-Secret) matches the phrase in the control panel and COREmanager configuration files (the directive ForwardedSecret).
When you add the secret phrase in the Nginx configuration file, also add it in the control panel and COREmanager configuration files.
Restart the control panel to apply the changes in the configuration file:
/usr/local/mgr5/sbin/mgrctl -m mgrName exit
To open the control panel through the https protocol, configure the redirect. To do so, add the following information to Nginx configuration file:
server {
listen 10.10.10.10:80;
server_name my.domain.com;
rewrite ^(.*)$ https://$server_name$1 permanent;
}
Restart Nginx to apply the changes:
service nginx restart
ihttpd settings
In the ihttpd configuration file /usr/local/mgr5/etc/ihttpd.conf remove the redirect raw to avoid address cyclic readdressing.
COREmanager will open by https://10.10.10.10/ per default. To change this, create the index page /usr/local/mgr5/bin/index: this is the file that contains "mgrName" so the selected control panel will open by the IP address.
Redirect the A record to the corresponding IP address (10.10.10.10) to open a control panel by the domain name.