Control panel URL
Introduction
By default, the control panel works through the built-in web server - ihttpd. The web interface can be accessed at the following address:
https://<server IP address>:1500/ispmgrYou can configure an URL to open the control panel by the domain name.
This can be done in two ways:
- Configure ihttpd;
- Configure reverse proxy.
Configure ihttpd
If you do not plan to use any third-party web applications on your server, change the web-server ports to 80 and 443, e.g.:
ihttpd configuration file
listen {
ip 10.10.10.10
port 443
}
listen {
ip 10.10.10.10
port 80
redirect
}After you have modified the configuration file, restart the service:
systemctl restart ihttpd
Configure reverse proxy
If you plan to host sites on a server using Nginx, Apache, or OpenLiteSpeed web servers, ports 80 and 443 will already be in use. In this case, you will need to configure ihttpd to proxy requests from one of the sites.
1. Set ForwardedSecret parameter.
Specify the ForwardedSecret parameter in the panel configuration file (/usr/local/mgr5/etc/ispmgr.conf).
Example:
ForwardedSecret qwerty12345
- ForwardedSecret - A key that ensures ihttpd trusts requests from the proxy server and records the client's real IP address in the logs. This key is required to protect against client IP address spoofing.
2. Restart the control panel
After making configuration changes, restart the panel.
/usr/local/mgr5/sbin/mgrctl -m ispmgr exit
3. Open the Sites section of the control panel, select the site to change, go to Configuration files and edit the configuration according to the examples below, replacing the domain (mydomain.com), IP Address (10.10.10.10.10) and ForwardedSecret (qwerty12345) values with your own values.
Nginx configuration file
server {
server_name mydomain.com;
listen 10.10.10.10:80;
return 301 https://$host:443$request_uri;
}
server {
server_name mydomain.com;
listen 10.10.10.10:443 ssl;
ssl_certificate "/usr/local/mgr5/etc/manager.crt";
ssl_certificate_key "/usr/local/mgr5/etc/manager.key";
location ^~ /manimg/ {
alias /usr/local/mgr5/skins/;
}
location / {
proxy_pass https://10.10.10.10:1500;
proxy_redirect https://10.10.10.10:1500 /;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Secret qwerty12345;
chunked_transfer_encoding off;
}
}
Apache configuration file
<VirtualHost 10.10.10.10:80>
ServerName mydomain.com
RewriteEngine on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</VirtualHost>
<VirtualHost 10.10.10.10:443>
ServerName mydomain.com
SSLEngine on
SSLCertificateFile "/usr/local/mgr5/etc/manager.crt"
SSLCertificateKeyFile "/usr/local/mgr5/etc/manager.key"
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
ProxyRequests Off
ProxyPreserveHost On
ProxyVia full
RequestHeader set X-Forwarded-Secret qwerty12345
<proxy *>
Order deny,allow
Allow from all
</proxy>
ProxyPass / https://10.10.10.10:1500/
ProxyPassReverse / https://10.10.10.10:1500/
</VirtualHost>
OpenLiteSpeed configuration file
virtualHost mydomain.com {
vhDomain mydomain.com
vhRoot /var/www/www-root/data
docRoot /var/www/www-root/data/www/mydomain.com
rewrite {
enable 1
rules <<<END_rules
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
END_rules
}
}
virtualHost mydomain.com-ssl {
vhDomain mydomain.com
vhRoot /var/www/www-root/data
docRoot /var/www/www-root/data/www/mydomain.com
vhssl {
keyFile /usr/local/mgr5/etc/manager.key
certFile /usr/local/mgr5/etc/manager.crt
}
extprocessor ispmgr {
type proxy
address 10.10.10.10:1500
}
context / {
type proxy
handler ispmgr
extraHeaders <<<END_extraHeaders
RequestHeader set X-Forwarded-Secret qwerty12345
END_extraHeaders
}
}
To avoid cyclic redirection, remove the line with the value "redirect" in the ihttpd configuration file /usr/local/mgr5/etc/ihttpd.conf and restart the server.
systemctl restart ihttpd