SSL Proxy

Threaded Mode | Linear Mode

SSL Proxy

Author Message

fulltilt
Member

Posts: 520
Group: Registered
Joined: Apr 2007
Status: Offline
Reputation: 3

Post: #1

SSL Proxy

Is it possible to modify ispCP for ssl proxy (shared ssl)?

Regards

OS : Debian 4, Kernel 2.6.25
ispCP Version:1.0 RC5a
Activated: AWStats static, Mailscanner, ClamAV, Bogus MX Filter, Spamassassin, Munin, Monit, ModSecurity2, Fail2ban

07-27-2007 08:37 PM

dabvhcs
Newbie

Posts: 7
Group: Registered
Joined: Mar 2007
Status: Offline
Reputation: 0

Post: #2

RE: SSL Proxy

fulltilt Wrote:

Is it possible to modify ispCP for ssl proxy (shared ssl)?

Yes you can easily do it by using pound (http://www.apsis.ch/pound/, the easy solution to implement), or by using apache (by modify templates). This is also in the Wishlist :
http://www.isp-control.net/ispcp/wiki/wishlist_2_5

Also, you can try use google cache to find some tutos which have been published on the VHCS forum (bnot online now).

This post was last modified: 07-27-2007 09:29 PM by dabvhcs.

07-27-2007 09:27 PM

ephigenie
Administrator

Posts: 664
Group: Administrators
Joined: Oct 2006
Status: Offline
Reputation: 12

Post: #3

RE: SSL Proxy

another easy way could be to it with mod_rewrite in i.e. the 00_master.conf

I assume you've modified the 00_master.conf to use ssl already Wink

i'd create a file sslproxy.map below /etc/apache2/
with content like this :

Code:

non-ssl-domain.tld http://www.non-ssl-domain.tld

so you can add here a lot of domains one under the other - where the first entry is the alias used for something like https://admin.yourdomain.tld/sslproxy/no...omain.tld/

the create the sslproxy directory below the document_root of the used vhost (in my example it would be /var/www/ispcp/gui/sslproxy )

and add the following at the end of your 00_master.conf

Code:

RewriteEngine   on

RewriteLog      /var/log/apache2/sslproxy.log

RewriteMap      sslproxy                   txt:/etc/apache2/sslproxy.map

RewriteRule     ^/sslproxy/(.*)$        ${sslproxy:$1} [P]

of course you need to load mod_proxy to make it work.
(a2enmod mod_proxy)

then test.
Pls be aware that most cookie based auth methods will fail because its the wrong domain in the cookie - so the browser won't return something to the server. Also all paths should be relative because otherwise you've mixed content you won't like ... and which will be shown the user as

07-28-2007 12:15 AM

fulltilt
Member

Posts: 520
Group: Registered
Joined: Apr 2007
Status: Offline
Reputation: 3

Post: #4

RE: SSL Proxy

thanks - that helps Smile

ephigenie Wrote:

another easy way could be to it with mod_rewrite in i.e. the 00_master.conf

I assume you've modified the 00_master.conf to use ssl already Wink

i'd create a file sslproxy.map below /etc/apache2/
with content like this :

Code:

non-ssl-domain.tld http://www.non-ssl-domain.tld

Code:

RewriteEngine   on

RewriteLog      /var/log/apache2/sslproxy.log

RewriteMap      sslproxy                   txt:/etc/apache2/sslproxy.map

RewriteRule     ^/sslproxy/(.*)$        ${sslproxy:$1} [P]

Regards

OS : Debian 4, Kernel 2.6.25
ispCP Version:1.0 RC5a
Activated: AWStats static, Mailscanner, ClamAV, Bogus MX Filter, Spamassassin, Munin, Monit, ModSecurity2, Fail2ban

07-28-2007 12:27 AM

« Next Oldest | Next Newest »

View a Printable Version
Send this Thread to a Friend
Subscribe to this Thread | Add Thread to Favorites