Accessing the panel by domain
Configure reverse proxy
Once configured, the panel's web interface will be accessible by domain and IP address.
This method is suitable if you plan to host websites on the server.
For Nginx it is possible to customize the panel by domain in the site creation form, pick the option Access in ispmanager by site name.
If Apache + Nginx is used, configure access to the panel by domain in the site creation form, pick the option Access in ispmanager by site name.
If only Apache is used on the server with the panel, please use the instructions below.
- Connect to the server with the panel via SSH.
Make sure the mod_proxy and mod_proxy_http extensions are enabled on the server.
DetailsFor Debian-based systems:apache2ctl -M | grep proxy
For RHEL-based systems:httpd -M | grep proxy
If the modules are enabled, the output will display the following:proxy_module (shared) proxy_http_module (shared)
If modules are disabled, enable them.
For Debian-based systems:sudo a2enmod proxy sudo a2enmod proxy_http
To enable modules on Debian-based operating systems, add these lines to the Apache configuration file:
/etc/httpd/conf.modules.d/00-proxy.confLoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so
In the panel configuration file
/usr/local/mgr5/etc/ispmgr.conf
, copy the ForwardedSecret parameter value. If this parameter does not exist or you want to change it, specify your value and copy it. For example:ForwardedSecret password12345
DetailsForwardedSecret — a key that ensures ihttpd trusts requests from the proxy server and records the client's real IP address in logs. This key is necessary to protect against client IP address spoofing.
If you specified a new ForwardedSecret parameter at the previous step, save the changes and restart the panel via the console:
/usr/local/mgr5/sbin/mgrctl -m ispmgr exit
- Open the Sites section in the panel's web interface and select the desired site.
Go to Configuration Files section and replace the Apache configuration with the one below:
<VirtualHost 10.10.10.10:80> ServerName domain RewriteEngine on RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L] </VirtualHost> <VirtualHost 10.10.10.10:443> ServerName domain SSLEngine on SSLCertificateFile "/var/www/httpd-cert/username/certificate.crt" SSLCertificateKeyFile "/var/www/httpd-cert/username/certificate.key" SSLProxyEngine on SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off ProxyRequests Off ProxyPreserveHost On ProxyVia full RequestHeader set X-Forwarded-Secret ключ12345 <proxy *> Order deny,allow Allow from all </proxy> ProxyPass / https://10.10.10.10:1500/ ProxyPassReverse / https://10.10.10.10:1500/ </VirtualHost>
Details- 10.10.10.10.10 — IP address of your server
- Domain — the domain which the panel will be accessible at after configuration
- Username — the name of the user who owns the site
- Certificate — the name of the SSL certificate for the site
- Password12345 — ForwardedSecret installed
- Restart the server via the console:
systemctl restart apache2
systemctl restart httpd
- Connect to the server with the panel via SSH.
In the panel configuration file
/usr/local/mgr5/etc/ispmgr.conf
, copy the ForwardedSecret parameter value. If this parameter does not exist or you want to change it, specify your value and copy it. For example:ForwardedSecret password12345
DetailsForwardedSecret — a key that ensures ihttpd trusts requests from the proxy server and records the client's real IP address in logs. This key is necessary to protect against client IP address spoofing.
If you specified a new ForwardedSecret parameter at the previous step, save your changes and restart the panel via the console:
/usr/local/mgr5/sbin/mgrctl -m ispmgr exit
- Open the Sites section in the panel's web interface and select the desired site.
Go to Configuration Files section and replace the OpenLiteSpeed configuration with the one below:
virtualHost domain { vhDomain domain vhRoot /var/www/username/data docRoot /var/www/username/data/www/domain rewrite { enable 1 rules <<<END_rules RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] END_rules } } virtualHost domain-ssl { vhDomain domain vhRoot /var/www/username/data docRoot /var/www/username/data/www/domain vhssl { keyFile /var/www/httpd-cert/username/certificate.key certFile /var/www/httpd-cert/username/certificate.crt } extprocessor ispmgr { type proxy address 10.10.10.10:1500 } context / { type proxy handler ispmgr extraHeaders <<<END_extraHeaders RequestHeader set X-Forwarded-Secret password12345 END_extraHeaders } }
Details- 10.10.10.10 — IP address of your server
- Domain — the domain which the panel will be accessible at after configuration
- Username — the name of the user who owns the site
- Certificate — the name of the SSL certificate for the site
- Password12345 — ForwardedSecret installed
- In the configuration file
/usr/local/mgr5/etc/ihttpd.conf
, delete the line with the value «redirect». Restart the server via the console:
systemctl restart ihttpd
Configuring ihttpd
Once configured, the panel's web interface will be accessible by domain and inaccessible by IP address.
This method is suitable if the server is not planned to host websites and run web applications (Roundcube, phpMyAdmin, phpPgAdmin, Softaculous).
- Issue an SSL certificate for the panel. Specify the domain that will be used to access the panel.
In the configuration file
/usr/local/mgr5/etc/ihttpd.conf
, change the web server ports to 80 and 443:listen { ip 10.10.10.10 port 443 } listen { ip 10.10.10.10 port 80 redirect } sni { domain_cert etc/manager.crt domain_key etc/manager.key domains domain }
Details- 10.10.10.10.10 — IP address of your server
- Domain — the domain, the panel will be available at after configuration
Connect to the server with the panel via SSH and restart the server via console:
systemctl restart ihttpd