Accessing the panel by domain

Configuring ihttpd

Once configured, the panel's web interface will be accessible by domain and inaccessible by IP address.

This method is suitable if the server is not planned to host websites and run web applications (Roundcube, phpMyAdmin, phpPgAdmin, Softaculous).

Issue an SSL certificate for the panel. Specify the domain that will be used to access the panel.

In the configuration file /usr/local/mgr5/etc/ihttpd.conf, change the web server ports to 80 and 443:

listen {
       ip 10.10.10.10
       port 443
}       
listen {
       ip 10.10.10.10
       port 80
       redirect
}
        sni {
                domain_cert etc/manager.crt
                domain_key etc/manager.key
                domains domain
        }

Details

Connect to the server with the panel via SSH and restart the server:
```
systemctl restart ihttpd
```

Configure reverse proxy

Once configured, the panel's web interface will be accessible by domain and IP address.

This method is suitable if you plan to host websites on the server.

Nginx

For Nginx it is possible to customize the panel by domain in the site creation form, pick the option Access in ispmanager by site name.

Apache

If Apache + Nginx is used, configure access to the panel by domain in the site creation form, pick the option Access in ispmanager by site name.

If only Apache is used on the server with the panel, please use the instructions below.

Connect to the server with the panel via SSH.
Make sure the mod_proxy and mod_proxy_http extensions are enabled on the server.
Details
For Debian-like operating systems:
```
apache2ctl -M | grep proxy
```
For RH-like operating systems:
```
httpd -M | grep proxy
```
If the modules are enabled, the output will display the following:
```
proxy_module (shared)
proxy_http_module (shared)
```
If modules are disabled, enable them.
For Debian-like operating systems:
```
sudo a2enmod proxy
sudo a2enmod proxy_http
```
To enable modules on RH-like operating systems, add these lines to the Apache configuration file:
/etc/httpd/conf.modules.d/00-proxy.conf
```
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
```
In the panel configuration file /usr/local/mgr5/etc/ispmgr.conf, copy the ForwardedSecret parameter value. If this parameter does not exist or you want to change it, specify your value and copy it. For example:
```
ForwardedSecret password12345
```
Details
ForwardedSecret — a key that ensures ihttpd trusts requests from the proxy server and records the client's real IP address in logs. This key is necessary to protect against client IP address spoofing.
If you specified a new ForwardedSecret parameter at the previous step, save the changes and restart the panel via the console:
```
/usr/local/mgr5/sbin/mgrctl -m ispmgr exit
```
Open the Sites section in the panel's web interface and select the desired site.

Go to Configuration Files section and replace the Apache configuration with the one below:

<VirtualHost 10.10.10.10:80>
    ServerName domain
    RewriteEngine on
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</VirtualHost>
<VirtualHost 10.10.10.10:443>
    ServerName domain
    SSLEngine on
    SSLCertificateFile "/var/www/httpd-cert/username/certificate.crt"
    SSLCertificateKeyFile "/var/www/httpd-cert/username/certificate.key"
    SSLProxyEngine on
    SSLProxyVerify none
    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerName off
    ProxyRequests Off
    ProxyPreserveHost On
    ProxyVia full
    RequestHeader set X-Forwarded-Secret ключ12345
    <proxy *>
        Order deny,allow
        Allow from all
    </proxy>
    ProxyPass / https://10.10.10.10:1500/
    ProxyPassReverse / https://10.10.10.10:1500/
</VirtualHost>

Details

Restart the server via the console:
For Debian-like operating systems:
```
systemctl restart apache2
```
For RH-like operating systems:
```
systemctl restart httpd
```

OpenLiteSpeed

Connect to the server with the panel via SSH.
In the panel configuration file /usr/local/mgr5/etc/ispmgr.conf, copy the ForwardedSecret parameter value. If this parameter does not exist or you want to change it, specify your value and copy it. For example:
```
ForwardedSecret password12345
```
Details
ForwardedSecret — a key that ensures ihttpd trusts requests from the proxy server and records the client's real IP address in logs. This key is necessary to protect against client IP address spoofing.
If you specified a new ForwardedSecret parameter at the previous step, save your changes and restart the panel via the console:
```
/usr/local/mgr5/sbin/mgrctl -m ispmgr exit
```
Open the Sites section in the panel's web interface and select the desired site.

Go to Configuration Files section and replace the OpenLiteSpeed configuration with the one below:

virtualHost domain {
	vhDomain domain
	vhRoot /var/www/username/data
	docRoot /var/www/username/data/www/domain
	rewrite  {
		enable 1
		rules <<<END_rules
			RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
		END_rules
	}
}
virtualHost domain-ssl {
	vhDomain domain
	vhRoot /var/www/username/data
	docRoot /var/www/username/data/www/domain
	vhssl {
		keyFile /var/www/httpd-cert/username/certificate.key
		certFile /var/www/httpd-cert/username/certificate.crt
	}
    extprocessor ispmgr {
        type                    proxy
        address                 10.10.10.10:1500
    }
    context / {
        type                    proxy
        handler                 ispmgr
        extraHeaders            <<<END_extraHeaders
            RequestHeader set X-Forwarded-Secret password12345
        END_extraHeaders
    }
}

Details

In the configuration file /usr/local/mgr5/etc/ihttpd.conf, delete the line with the value «‎redirect».
Restart the server via the console:
```
systemctl restart ihttpd
```

Ispmanager 6 lite, pro, host

Accessing the panel by domain

Configuring ihttpd

Configure reverse proxy

Nginx

Apache

OpenLiteSpeed

In this article