Web-server configuration
Supported software
Currently, ISPmanager supports the following servers:
- Nginx 1.1.15 and later
- Apache 2.2
- Microsoft IIS.
Differences from the previous versions
- Information about the web-domain settings is saved in the ISPmanager internal base. I.e. the changes made to the configuration files manually will be lost when changing parameters from the control panel, if the settings made manually conflict with those configured in the control panel. Those changes will be saved when editing a domain, if possible.
- Settings of each web-domain are located in a separate file. The files are located in directories based on the domain owner name.
- Access to directories (diraccess) is specified in the web-server configuration file into file containing corresponding web-domain settings (.htaccess was used in the previous version)
- PHP can be used through both Apache and Nginx (php-fpm is used). As now you can use php without Apache, using Apache and Nginx may not start the Apache server, if the request can be processed by Nginx.
- You can use multiple IP addresses for web-domain.
- Activating SSL in the Nginx settings will create a separate "server" section
- logrotate is used for rotating logs and errors
Web server settings
The following parameters are used regardles of the type of your web-server
path php-cgi The open_basedir value for php that will be used for web-domains. You can use the macros _home_ to add into the path to user home directory WebDefaultAliases
List of aliases that will be available to users when ordering a web-domain. You may use the _name_ macros, to add the line into the name of the main domain. BackendBind
List of web-domains that are used WebUser
List of available encoding for the web-domain from the file etc/charset. Only utf-8 is specified by default.
Example
If you specify
path php_open_basedir none
The following information will be added into VirtualHost
php_admin_value open_basedir "none"
Apache configuration
When starting the panel, Apache modules are queried to define possible settings
cgi_module if it is possible to work with CGI scripts fastcgi_module or fcgid_module if it is possible to use php as fastcgi php5_module if it is possible to work with php as Apache module
If CGI is supported the the file specified in path php-cgi, you will be able to use php as CGI
Following is a list of parameters used for customizing the control panel:
Option ApacheITK is added if Apache ITK is used. AssignUserID is specified instead of the SuexecUserGroup directive path apachectl For specifying ports in Apache Listen will be added for all IP address of the server. By default: 80 443. This will enable to decrease the number of hard reboots of Apache.
Nginx configuration
When starting the panel, php-fpm is checked. If it is found, php as fastcgi can be used in web-domain settings.
Following is a list of parameters that are used for customizing the control panel:
path nginx-vhosts paths to files with additional settings that will be added into "server" for each domain (the Include direcrory is used) path fpm-pool.d
Example
If you set
path nginx-static ~* ^youscript\.ext$
location will be created
location ~* ^youscript\.ext$ {
try_files $uri $uri/ @fallback;
}
instead of
location ~* ^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ {
try_files $uri $uri/ @fallback;
}
ForwardedSecret
If you redirect requests from Nginx into the panel, we define a reverse address by the X-Forwarded-For HTTP header. Fraudulents will be able to change a reverse address using using that header enabling him to use COOKIE for sending requests as if it is another user. The panel will ignore X-Forwarded-For, if the request does not contain X-Forwarded-Secret with the same value as specified in the configuration file.
Web-server restart
Web-server is restarted in 2 seconds after the last change of settings. If during that time more changes are made, the server will be restarted in 2 seconds. You can also specify the WebRestartDelay parameter that specifies the minimum period between web-server reboot.
If the changes are not applied to the list of IP addresses/ports, soft reboot of the web-server will be made. Otherwise, the whole server will reboot.
Templates of web-server's configuration files
Configuration file templates can be used by server administrator to modify web-server's configuration files for a specific web-domain.
Templates do not modify the settings specified by ISPmanager, but enables to add additional records.
Template files are located in:
- etc/templates/apache-vhost.template — template of the web-domain's configuration file for Apache
- etc/templates/nginx-vhost.template — template of the web-domain's configuration file for Nginx
These template files are used for generating the configuration file of a certain web-domain. You may use macros for your convenience — special records that will be changed into corresponding values.
Macros have the following format: *__{PARAMETER_NAME}__*, macros names must be always upper-case
You can use any upper-case parameter of the control panel session (i.e. web-domain creation or edit request session) as a parameter name. You can also use additional parameters.
Example of macros for session parameters:
- _NAME_ — web-domain's name
- _OWNER_ — web-domain's owner
- _ALIASES_ — list of web-domain's aliases
- _EMAIL_ — web-domain's administrator email
- _DIRINDEX_ — list of web-domain's index pages
- _CHARSET_ — web-domain's default page encodings
Additional macros:
- _HOSTNAME_ — domain name of the server where the control panel is installed
- _LISTEN_ON_ — list of sequences such as IP-address:port that are used by web-domain
Example
Create the following template to add records into server's location /
server {
server_name __NAME__ __ALIASES__;
location / {
try_files $uri $uri/ /index.php?$args;
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
}
}
Be sure to specify *server_name __NAME__ __ALIASES__;* in the template, otherwise ISPmanager cannot define the _server_ to add data to, and add one more _server_ into the end of the file.
Logs rotation
The web-server logs are specified into the httpd-logs directory that is not available to users. In the user home directory the "logs" directory is created where hard links to access and error logs of the user web-domains are created. Besides, the old copies of logs are also saved into the the "logs" directory.
ISPmanager 5 uses logrotate for web-server logs rotation.
path logrotate.d
Log analyzer
In theory, ISPmanager can work with any logs analyzers. The following analyzers are currently supported:
- awstats
- webalizer
path analyzer.dDirectory where scripts for log analysis are saved (separate files for each web-domain)
When installing the analyzer, the following section will be specified in the configuration file of the control panel:
Analyzer awstats {
ConfPath /etc/awstats/awstats.__NAME__.conf
BinPath /usr/lib/cgi-bin/awstats.pl
Lang en
Lang ru
}
ConfPath path where the analyzer settings for a certain web-domain will be saved. BinPath path to the executable file Lang supported languages. The Analyzer section may contain any number of such lines.
When activating the analyzer the corresponding script template from the etc/template directory (the file name matches the analyzer name) is taken. All the macros will be placed there (a complete list of macros can be found when enabling debug for the web module) and is paste into analyzer.d. The configuration will be created as well. From etc/template a corresponding .conf file will be taken. All the macros will be changed, and it will be saved into the file specified in ConfPath (_NAME_ is changed into the web-domain's name).
The script that you will receive will be called from logrotate each time logs rotation is running. If you select a rotation period, the script execution will be added into a cron job.
The following parameters of the control panel's configuration file are also used when configuring web-domains to correctly display statistics:
- AwstatsEncoding — encoding of the awstats report html-pages
- WebalizerEncoding — encoding of the webalizer report html-pages
By default these parameters are specified in "utf-8"
Re-configuring web-server (ISPmanager Business)
Sometimes when working the web-server and control you may need to reconfigure the web-server. Configuration files of all the web-domains that were created in the control panel, will be re-created.
Note! Performing this operation will delete all the manual changes made to the configuration file!
Consequently execute the following functions:
webreconfigure.initialize with parameter shutdown=on
webreconfigure.restore
Let's consider the following example using mgrctl :
/usr/local/mgr5/sbin/mgrctl -m ispmgr webreconfigure.initialize shutdown=on
/usr/local/mgr5/sbin/mgrctl -m ispmgr webreconfigure.restore