View Single Post
  #1  
Old 2nd April 2007, 04:25
sbaclimber sbaclimber is offline
Junior Member
 
Join Date: Mar 2007
Posts: 1
Thanks: 0
Thanked 1 Time in 1 Post
Default Separate SSL and non-SSL Apache Directives

First, I would like to thank Till and Falko for an absolutely awesome bit of software they have put together! I am currenly shifting 15 websites off of Netware and onto Linux (yay!), and it only took me 10 minutes to create and configure all of them, using ISPConfig

Now for the Trick/Mod part....
A few of my sites are SSL enabled, but I only want to force visitors to use the secure connection for parts of the sites. So, I wanted a way to add separate Apache Directives for <VirtualHost>:80 and <VirtualHost>:443, which as far as I can tell, ISPConfig doesn't support out of the box (I could use Rewrite rules, but this is a bit more powerful/easier).
Thankfully, it was very easy to remedy this, and I thought others might be interested.....
1) I added 2 fields to the ISP Web form, one is a checkbox to indicate that the Directives for SSL are to be added to the Vhosts_ispconfig.conf file (web_allow_ssl_include), and the other is the textarea for the SSL specific Apache Directives (web_ssl_include).
2) I added 2 columns to the isp_isp_web table to hold the values from the new form fields (web_allow_ssl_include and web_ssl_include).
3) I rewrote lines 1519-1522 of config.lib.php to write the SSL specific Apache Directives to <VirtualHost>:443 in the Vhosts_ispconfig.conf file, instead of the default Apache Directives.

I have attached copies of my versions of scripts/lib/config.lib.php and db_ispconfig.sql, with the above mentioned changes. These files can be used to replace the originals in the install_ispconfig folder, during a fresh install, or as a basis for modifying a preinstalled ISPConfig (I modified version 2.2.11).
In the attached files the following lines have been modified:
config.lib.php - lines 1519-1526
db_ispconfig.sql - lines 271, 949, and 976

Note #1: the web_allow_ssl_include field is probably a bit superfluous, I have only included it because I wanted to be able to turn off the SSL specific Directives, without them being deleted from the database.
Note #2: the default Apache Directives are no longer included in the <VirtualHost>:443 at all!
Note #3: not really related, but thought I would mention any way....
I am using LDAP to authenticate users, and even though ISPConfig doesn't "support" LDAP as such, if Apache has been told to load the LDAP modules, LDAP related Directives do work
Attached Files
File Type: zip ISPConfig-2files.zip (49.8 KB, 304 views)

Last edited by sbaclimber; 2nd April 2007 at 06:51. Reason: bad spelling
Reply With Quote
Sponsored Links