Current time: 11-15-2024, 03:49 AM Hello There, Guest! (LoginRegister)


Post Reply 
1.0.3 - suggestions to next versions
Author Message
koffu Offline
Junior Member
*

Posts: 80
Joined: Jan 2010
Reputation: 1
Post: #1
Exclamation 1.0.3 - suggestions to next versions
Hello all!

First of all, I want to say many thanks to the development team.Smile
Second, I'd like to express my opinion about some things in the new versions of panel.

After upgrade to 1.0.3 I did not like phpMyAdmin vs FileManager on admin login page. WebMail is nice idea, but can not be said about the rest, I think, because sometimes I see bruteforce attempts and tries to found phpMyAdmin location.
Please see new look in attachment.

My patch is:

Code:
--- /var/www/ispcp/gui/themes/omega_original/index.tpl.orig    2010-01-09 01:39:17.000000000 +0200
+++ /var/www/ispcp/gui/themes/omega_original/index.tpl    2010-01-09 01:55:10.000000000 +0200
@@ -81,14 +81,7 @@
       <tr>
        <td width="244" align="right" class="login"><table width="300" border="0" cellspacing="2" cellpadding="2">
   <tr>
-    <td align="center" width="100"><a href="{TR_PMA_SSL_LINK}" target="_self" title="phpMyAdmin"><img src="{THEME_COLOR_PATH}/images/login/phpmyadmin.png" width="28" height="30" border="0" alt="phpMyAdmin"></a></td>
-    <td align="center" width="100"><a href="{TR_FTP_SSL_LINK}" target="_self" title="Filemanager"><img src="{THEME_COLOR_PATH}/images/login/filemanager.png" width="33" height="30" border="0" alt="Filemanager"></a></td>
-    <td align="center" width="100"><a href="{TR_WEBMAIL_SSL_LINK}" target="_self" title="WebMail"><img src="{THEME_COLOR_PATH}/images/login/webmail.png" width="32" height="30" border="0" alt="WebMail"></a></td>
-  </tr>
-  <tr>
-    <td align="center" width="100"><a class="login" href='{TR_PMA_SSL_LINK}'>phpMyAdmin</a></td>
-    <td align="center" width="100"><a class="login" href='{TR_FTP_SSL_LINK}'>Filemanager</a></td>
-    <td align="center" width="100"><a class="login" href='{TR_WEBMAIL_SSL_LINK}'>WebMail</a></td>
+    <td align="left" width="100"><a href="{TR_WEBMAIL_SSL_LINK}" target="_self" title="WebMail"><img src="{THEME_COLOR_PATH}/images/login/webmail.png" width="32" height="30" border="0" alt="WebMail"></a><a class="login" href='{TR_WEBMAIL_SSL_LINK}'>WebMail Access</a></td>
   </tr>
</table></td>
        <td width="197" align="right" class="login" style="vertical-align:top;">Powered by <a class="login" href="http://www.isp-control.net" target="_blank">ispCP Omega</a></td>

With every version I changing
Code:
/etc/apache2/sites-available/00_master.conf

So, I made a few changes and now file is:

Code:
<VirtualHost 192.168.0.1:80>

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

... skipped...
</VirtualHost>

Code:
<VirtualHost 192.168.0.1:443>

SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key

... skipped...
</VirtualHost>

Now admin panel, phpmyadmin, webmail, file manager working via SSL.


Attached File(s) Thumbnail(s)
   
(This post was last modified: 01-09-2010 10:40 AM by koffu.)
01-09-2010 10:21 AM
Find all posts by this user Quote this message in a reply
joximu Offline
helper
*****
Moderators

Posts: 7,024
Joined: Jan 2007
Reputation: 92
Post: #2
RE: 1.0.3 - suggestions to next versions
Hi

the three symbols (webmail, webftp and pma) were added this year... so we won't kick them again :-)

but - maybe we need a switch/config otion to let the admin decide which shortcuts should be displayed.

But on the other side: every admin can configure it's own front page... :-)

/J
01-10-2010 09:38 AM
Visit this user's website Find all posts by this user Quote this message in a reply
MicCo Offline
Moderator
*****
Moderators

Posts: 277
Joined: Oct 2006
Reputation: 1
Post: #3
RE: 1.0.3 - suggestions to next versions
(01-10-2010 09:38 AM)joximu Wrote:  Hi

the three symbols (webmail, webftp and pma) were added this year... so we won't kick them again :-)

but - maybe we need a switch/config otion to let the admin decide which shortcuts should be displayed.

But on the other side: every admin can configure it's own front page... :-)

/J

Yeah, joximu is right, due that some of us was also likeing the "Your IP are : xxx.xxx.xxx.xxx and logget" but hade to see that is gone. Tongue
01-10-2010 09:31 PM
Visit this user's website Find all posts by this user Quote this message in a reply
kilburn Offline
Development Team
*****
Dev Team

Posts: 2,182
Joined: Feb 2007
Reputation: 34
Post: #4
RE: 1.0.3 - suggestions to next versions
"security through obscurity" is never *real* security...
01-10-2010 10:20 PM
Visit this user's website Find all posts by this user Quote this message in a reply
koffu Offline
Junior Member
*

Posts: 80
Joined: Jan 2010
Reputation: 1
Post: #5
RE: 1.0.3 - suggestions to next versions
(01-10-2010 10:20 PM)kilburn Wrote:  "security through obscurity" is never *real* security...

Yes, but I think phpMyAdmin would be reachable only after user login and it would be better if the link would be dynamic, not static.
This is only my opinion.

And what you think about SSL changes?
01-10-2010 11:26 PM
Find all posts by this user Quote this message in a reply
kilburn Offline
Development Team
*****
Dev Team

Posts: 2,182
Joined: Feb 2007
Reputation: 34
Post: #6
RE: 1.0.3 - suggestions to next versions
Quote:Yes, but I think phpMyAdmin would be reachable only after user login and it would be better if the link would be dynamic, not static.

Requiring users to be logged-in to the panel before allowing them to access phpmyadmin would imply that webmasters must have full control over the domain. As of now, the owner of a domain can give mysql rights to the webmaster without allowing him to create/delete emails, ftp accounts, etc.. Thus, I think that the current setup is better...

SSL support is planned for 1.1.0 (your patch assumes that the user has created the corresponding keys, which is unnacceptable because many users would fail to do so).
(This post was last modified: 01-11-2010 05:59 PM by kilburn.)
01-11-2010 05:56 PM
Visit this user's website Find all posts by this user Quote this message in a reply
koffu Offline
Junior Member
*

Posts: 80
Joined: Jan 2010
Reputation: 1
Post: #7
RE: 1.0.3 - suggestions to next versions
(01-11-2010 05:56 PM)kilburn Wrote:  [quote]
SSL support is planned for 1.1.0 (your patch assumes that the user has created the corresponding keys, which is unnacceptable because many users would fail to do so).

This is good.
Users always can create self-signed openssl certificate, which can be created by simple command with copy&paste
Code:
openssl req -x509 -days 365 -nodes -new -newkey rsa:2048 -out /etc/ssl/certs/server.crt -keyout /etc/ssl/private/server.key

SSL support can be enabed simple by copy of :80 VirtualHost and changing it with VirtualHost :443 and add to :80 redirect.
01-11-2010 06:57 PM
Find all posts by this user Quote this message in a reply
joximu Offline
helper
*****
Moderators

Posts: 7,024
Joined: Jan 2007
Reputation: 92
Post: #8
RE: 1.0.3 - suggestions to next versions
There are several ways of introducing SSL:
- only the panel
- also for customer

both ways can be implemented in different ways/levels of complication :-)

/J
01-11-2010 07:07 PM
Visit this user's website Find all posts by this user Quote this message in a reply
koffu Offline
Junior Member
*

Posts: 80
Joined: Jan 2010
Reputation: 1
Post: #9
RE: 1.0.3 - suggestions to next versions
I suggest use for control panel only Smile

The way, where I can define parameters for user VirtualHost, except .htaccess and direct editing?
01-11-2010 07:21 PM
Find all posts by this user Quote this message in a reply
joximu Offline
helper
*****
Moderators

Posts: 7,024
Joined: Jan 2007
Reputation: 92
Post: #10
RE: 1.0.3 - suggestions to next versions
(01-11-2010 07:21 PM)koffu Wrote:  I suggest use for control panel only Smile

as a first step...

(01-11-2010 07:21 PM)koffu Wrote:  The way, where I can define parameters for user VirtualHost, except .htaccess and direct editing?

??? you mean

/etc/apache2/ispcp/<host>.conf

??

/J
01-11-2010 07:40 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 2 Guest(s)