Accessing ispmanager by domain
Configuring reverse proxy
With this configuration, the panel's web interface will be accessible both by the domain name and IP address.
Use this method if you plan to host websites on the server.
For Nginx, access to the panel by the domain is enabled in the site creation form by selecting the option Access to ispmanager by site name.
For Apache and Apache + Nginx, access to the panel by the domain is enabled in the site creation form by selecting the option Access to ispmanager by site name.
For Apache and LiteSpeed, access to the panel by the domain is enabled in the site creation form by selecting the option Access to ispmanager by site name.
- Issue an SSL certificate for the site you want to access the panel by or install an existing one.
- Connect to the server with the panel via SSH.
In the panel configuration file
/usr/local/mgr5/etc/ispmgr.conf, copy the ForwardedSecret parameter value. If this parameter does not exist or you want to change it, specify your value and copy it. For example:ForwardedSecret password12345DetailsForwardedSecret — a key that ensures ihttpd trusts requests from the proxy server and records the client's real IP address in logs. This key is necessary to protect against client IP address spoofing.
If you specified a new ForwardedSecret parameter at the previous step, save your changes and restart the panel via the console:
/usr/local/mgr5/sbin/mgrctl -m ispmgr exit- Open the Sites section in the panel's web interface and select the desired site.
Go to Configuration Files section and replace the OpenLiteSpeed configuration with the one below:
virtualHost DOMAIN { vhDomain DOMAIN vhRoot /var/www/USERNAME/data docRoot /var/www/USERNAME/data/www/DOMAIN rewrite { enable 1 rules <<<END_rules RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] END_rules } } virtualHost domain-ssl { vhDomain domain vhRoot /var/www/username/data docRoot /var/www/username/data/www/DOMAIN vhssl { keyFile /var/www/httpd-cert/USERNAME/CERTIFICATE.key certFile /var/www/httpd-cert/USERNAME/CERTIFICATE.crt } extprocessor ispmgr { type proxy address 10.10.10.10:1500 } context / { type proxy handler ispmgr extraHeaders <<<END_extraHeaders RequestHeader set X-Forwarded-Secret KEY12345 END_extraHeaders } }Details- 10.10.10.10 — IP address of your server
- DOMAIN — the domain which the panel will be accessible by after configuration
- USERNAME — the name of the user who owns the site
- CERTIFICATE — the name of the SSL certificate for the site
- KEY12345 — the ForwardedSecret key
- In the configuration file
/usr/local/mgr5/etc/ihttpd.conf, delete the line with the value «redirect». Restart the server via the console:
systemctl restart ihttpd
Configuring ihttpd
With this configuration, the panel's web interface will be accessible by the domain and not accessible by the IP address.
Use this method if you do not plan to host websites and run web applications (Roundcube, phpMyAdmin, phpPgAdmin, Softaculous) on the ispmanager server.
- Issue an SSL certificate for the panel. Specify the domain that will be used to access the panel.
In the configuration file
/usr/local/mgr5/etc/ihttpd.conf, change the web server ports to 80 and 443:listen { ip 10.10.10.10 port 443 } listen { ip 10.10.10.10 port 80 redirect } sni { domain_cert etc/manager.crt domain_key etc/manager.key domains domain }Details- 10.10.10.10.10 — IP address of your server
- Domain — the domain, the panel will be available at after configuration
Connect to the server with the panel via SSH and restart the server via console:
systemctl restart ihttpd