Threaded Mode | Linear Mode

fulltilt · 07-27-2007 08:37 PM

Is it possible to modify ispCP for ssl proxy (shared ssl)?

dabvhcs · 07-27-2007 09:27 PM

fulltilt Wrote:Is it possible to modify ispCP for ssl proxy (shared ssl)?

Yes you can easily do it by using pound (http://www.apsis.ch/pound/, the easy solution to implement), or by using apache (by modify templates). This is also in the Wishlist :
http://www.isp-control.net/ispcp/wiki/wishlist_2_5

Also, you can try use google cache to find some tutos which have been published on the VHCS forum (bnot online now).

***ephigenie*** · 07-28-2007 12:15 AM

another easy way could be to it with mod_rewrite in i.e. the 00_master.conf

I assume you've modified the 00_master.conf to use ssl already Wink

i'd create a file sslproxy.map below /etc/apache2/
with content like this :

Code:

non-ssl-domain.tld         http://www.non-ssl-domain.tld

so you can add here a lot of domains one under the other - where the first entry is the alias used for something like https://admin.yourdomain.tld/sslproxy/no...omain.tld/

the create the sslproxy directory below the document_root of the used vhost (in my example it would be /var/www/ispcp/gui/sslproxy )

and add the following at the end of your 00_master.conf

Code:

RewriteEngine   on

RewriteLog      /var/log/apache2/sslproxy.log

RewriteMap      sslproxy                   txt:/etc/apache2/sslproxy.map

RewriteRule     ^/sslproxy/(.*)$        ${sslproxy:$1} [P]

of course you need to load mod_proxy to make it work.
(a2enmod mod_proxy)

then test.
Pls be aware that most cookie based auth methods will fail because its the wrong domain in the cookie - so the browser won't return something to the server. Also all paths should be relative because otherwise you've mixed content you won't like ... and which will be shown the user as

fulltilt · 07-28-2007 12:27 AM

thanks - that helps Smile

ephigenie Wrote:another easy way could be to it with mod_rewrite in i.e. the 00_master.conf

I assume you've modified the 00_master.conf to use ssl already

i'd create a file sslproxy.map below /etc/apache2/
with content like this :

Code:

non-ssl-domain.tld http://www.non-ssl-domain.tld

so you can add here a lot of domains one under the other - where the first entry is the alias used for something like https://admin.yourdomain.tld/sslproxy/no...omain.tld/

the create the sslproxy directory below the document_root of the used vhost (in my example it would be /var/www/ispcp/gui/sslproxy )

and add the following at the end of your 00_master.conf

Code:

RewriteEngine on RewriteLog /var/log/apache2/sslproxy.log RewriteMap sslproxy txt:/etc/apache2/sslproxy.map RewriteRule ^/sslproxy/(.*)$ ${sslproxy:$1} [P]

of course you need to load mod_proxy to make it work.
(a2enmod mod_proxy)

then test.
Pls be aware that most cookie based auth methods will fail because its the wrong domain in the cookie - so the browser won't return something to the server. Also all paths should be relative because otherwise you've mixed content you won't like ... and which will be shown the user as

Threaded Mode \| Linear Mode SSL Proxy
Author	Message