Seperate SSL and non-SSL Apache Directives

Discussion in 'Tips/Tricks/Mods' started by sbaclimber, Apr 2, 2007.

  1. sbaclimber

    sbaclimber New Member

    Separate SSL and non-SSL Apache Directives

    First, I would like to thank Till and Falko for an absolutely awesome bit of software they have put together! I am currenly shifting 15 websites off of Netware and onto Linux (yay!), and it only took me 10 minutes to create and configure all of them, using ISPConfig :D

    Now for the Trick/Mod part....
    A few of my sites are SSL enabled, but I only want to force visitors to use the secure connection for parts of the sites. So, I wanted a way to add separate Apache Directives for <VirtualHost>:80 and <VirtualHost>:443, which as far as I can tell, ISPConfig doesn't support out of the box (I could use Rewrite rules, but this is a bit more powerful/easier).
    Thankfully, it was very easy to remedy this, and I thought others might be interested.....
    1) I added 2 fields to the ISP Web form, one is a checkbox to indicate that the Directives for SSL are to be added to the Vhosts_ispconfig.conf file (web_allow_ssl_include), and the other is the textarea for the SSL specific Apache Directives (web_ssl_include).
    2) I added 2 columns to the isp_isp_web table to hold the values from the new form fields (web_allow_ssl_include and web_ssl_include).
    3) I rewrote lines 1519-1522 of config.lib.php to write the SSL specific Apache Directives to <VirtualHost>:443 in the Vhosts_ispconfig.conf file, instead of the default Apache Directives.

    I have attached copies of my versions of scripts/lib/config.lib.php and db_ispconfig.sql, with the above mentioned changes. These files can be used to replace the originals in the install_ispconfig folder, during a fresh install, or as a basis for modifying a preinstalled ISPConfig (I modified version 2.2.11).
    In the attached files the following lines have been modified:
    config.lib.php - lines 1519-1526
    db_ispconfig.sql - lines 271, 949, and 976

    Note #1: the web_allow_ssl_include field is probably a bit superfluous, I have only included it because I wanted to be able to turn off the SSL specific Directives, without them being deleted from the database.
    Note #2: the default Apache Directives are no longer included in the <VirtualHost>:443 at all!
    Note #3: not really related, but thought I would mention any way....
    I am using LDAP to authenticate users, and even though ISPConfig doesn't "support" LDAP as such, if Apache has been told to load the LDAP modules, LDAP related Directives do work :cool:

    Attached Files:

    Last edited: Apr 2, 2007

Share This Page