1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice

How do i change Plesk admin from 8443 to 443 ?

Discussion in 'Plesk for Linux - 8.x and Older' started by compare, Jul 21, 2005.

  1. compare

    compare Guest

    0
     
    Hi,

    I saw that there was a treath earlier about changing Plesk port number, but ik have a few problems to get it really right.

    What do i want:
    Ik want that i can use Plesk on https://www.mypleskdomain.nl so, on port 443, but only with this domain.
    And i want that everyone can still use somedomain:8443

    Ik added:
    "LISTEN 8001" in the
    /usr/local/psa/admin/conf/httpsd.conf
    and restarted Plesk, and now ik can use Plesk on port 8443 and 8001. This works fine, so i have Plesk running on 2 ports.

    Than i added:
    "LISTEN 443"
    This is for all domains on the https port and cannot get Plesk running anymore.
    If i check with /etc/init.d/psa status i see that Plesk is not running.

    Than i tried:
    "LISTEN 443" followed by "BindAddress <ipadress of mypleskdomain.nl>"
    But than i cannot start Plesk also....
    Of course i didn't created any SSL site for this domain, so there is no collision with httpsdocs.

    Can anyone help me with this?

    Regards,
    Maurice
     
  2. Xtreme-IT

    Xtreme-IT Guest

    0
     
    Searching the forums gives several options: http://forum.sw-soft.com/search.php...d=915011&sortby=lastpost&sortorder=descending

    Make sure you
    - edit the admin conf file, not the normal webserver conf. (These 2 are separated).
    - bind to an IP adress you did not use for normal hostingaccounts
    - reload the correct admin webserver (the apache reload in the GUI reloads the hosting instance of apache, not the admin)

    Giving the fact your Plesk does not start anymore sounds like a port conflict, so make sure you use a separate IPadress for your admin webserver, do not use it for hosting.
     
  3. jamesyeeoc

    jamesyeeoc Guest

    0
     
    When you tried to make Plesk's apache listen to port 443, you put it into conflict with the 'hosting' copy of apache which is already listening on that port....
     
  4. compare

    compare Guest

    0
     
    That was what i expected...
    I found on http://httpd.apache.org/docs-2.0/bind.html a way to bind 1 port on 1 ip-address:
    PHP:
    LISTEN 8443
    LISTEN 10.11.12.13
    :443
    I only need to find a way to unbind this port for only this ip-address with this specific portnumber....

    Regards,
    Maurice
     
  5. jamesyeeoc

    jamesyeeoc Guest

    0
     
    The only problem I see with that is Plesk will overwrite (on certain times) the httpd.conf and httpd.include files for the hosting side.

    The hosting conf files are in /etc/httpd/conf directory.

    You could make changes there, but then any normal browsing to hosted domains using port 443 would not work. And the manual changes would only stay until you use Plesk to add/delete/change anything domain related, at which time these files will be overwritten.

    It would be better to use some other port number (not 443) which would not conflict with any ports already in use.
     
  6. compare

    compare Guest

    0
     
    I also looked to use a symbolic link...
    link the httpsdocs for the domain i want to use to the webroot dir. of the Plesk Adminpages, but the Plesk Apache runs as another user... Good of course, becaurse the Plesk pages runs high-risk scripts on Linux, so you absolutly don't want that an normal user can do that too.

    An other thing i want to try is server-side redirect. So to redirect within Apache to another Apache.
    If that works, i shall try to find the "template" files who creates the conf files.
    Then i create a virtual website outsite of Plesk.

    Regards,
    Maurice
     
  7. compare

    compare Guest

    0
     
    The reason i want to run Plesk on port 443 is firewall's.
    Most (real) firewalls don't accept port 8443, but almost every firewall accept https pages on 443.

    That's the main reason i want Plesk on the default portnumber 443.

    Dedicated IP address and an extra domainname just for Plesk is no problem. :D I already have that.

    Regards en thanks for the thinking with me :)
    Maurice
     
  8. jamesyeeoc

    jamesyeeoc Guest

    0
     
    Yes I figured it was due to client side firewall issues, I was thinking more on the lines of other well known ports which many/most firewalls also allow, such as 21. It is usually quite easy to reconfigure ftp to use a different port on the server, then there would not be a conflict between 2 apaches on port 443.

    This is just one example port.
     
  9. compare

    compare Guest

    0
     
    That was on my mind too, because most companies have the ports 21, 80 and 443 open.

    BUT !! :( FTP is not a TCP/IP protocol, it's UDP, so a good firewall'er don't accept TCP on port 21. And a really good firewall'er checks the protocol on the port, because otherwise you can also make a tunnel thue that port to your own PC at home and do everything you want. (That way i used USENET thrue a firewall once :D )

    Regards,
    Maurice

    PS. I had a tip to use ProxyPass in the httpd.include of the domain to use server-side redirect... Have to try it yet...
     
  10. jamesyeeoc

    jamesyeeoc Guest

    0
     
    That's what I get for posting when I'm asleep. Just like now :D, I retract what I said about the ftp port (was using it as an example) obviously not a good one.....
     
  11. compare

    compare Guest

    0
     
    No problem of course :) But i have a little update about server-site redirect:

    I tried several things with ProxyPass, but it still does not work as i want it.

    Right now i have in the /home/httpd/vhosts/plesk-administrator.nl/conf/httpd.include:
    PHP:
    <VirtualHost 83.172.133.76:443>
            
    ServerAdmin  postmaster@*changed*.nl
            SSLEngine on
            SSLVerifyClient none
            SSLCertificateFile 
    /usr/local/psa/var/certificates/certXGls68V
            ProxyPass 
    https://localhost:8443/
            
    ProxyPassReverse https://localhost:8443/
    </VirtualHost>
    No error's anymore, but still no Plesk page:
    https://www.plesk-administrator.nl/
    https://www.plesk-administrator.nl:8443/

    But with some help on the usenet, i get furter and furter :)

    Regards,
    Maurice
     
  12. jamesyeeoc

    jamesyeeoc Guest

    0
     
    Looks like the <VirtualDirectory xx.xx.xx.xx:443> in the /etc/httpd/conf/httpd.include is still taking priority over your domain specific include file. That would explain why it is still bringing up the default plesk page instead of the login page. And apparently you may not have set the 'Default Domain' for the IP address yet.

    The 'Hosting' apache is still taking the 443 request before the 'Plesk admin' Apache.

    Also, more related proxy directives for Apache:
    Not sure if it will help, but this is in the Apache docs:
    http://66.102.7.104/search?q=cache:...2.0"+-"List-Post"+site:httpd.apache.org&hl=en

    There are also ProxyConnect, AllowConnect, etc. Check it out, there may just be other directives you need.
     
  13. Cranky

    Cranky Guest

    0
     
    I'm too tired to read all the above, so I'll just explain the solution in full:

    • Edit /etc/httpd/conf.d/ssl.conf to comment out the Listen line as follows:

      Code:
      #Listen 0.0.0.0:443
      Add listen to all IP address used by standard Apache just below the comment above:

      Code:
      Listen x.x.x.1:443
      Listen x.x.x.2:443
      Listen x.x.x.3:443
      Where x.x.x.* are *ALL* the IP's on your server except the one you want to use for Plesk.

      You can output listen lines for all IP's with the following via the shell:

      Code:
      /sbin/ifconfig |grep 'inet addr:'|awk '{print $2}'|awk -F: '{print "Listen "$2":443"}'
    • Add to /usr/local/psa/admin/conf/httpsd.conf listen directive for unused IP address:

    • Restart both apache and Plesk:

      Code:
      service httpd restart
      service psa restart

    You will need to add any new IP's you add to the apache config file as above, and Plesk updates will overwrite /usr/local/psa/admin/conf/httpsd.conf so this isn't an optimal solution, but it's probably the most suitable at the moment.

    Alternative solutions would probably include using iptables or setting up a proxy server, but until you have time to play with this I'd suggest doing the above.
     
  14. compare

    compare Guest

    0
     
    @Cranky

    Although it's maybe not yet the optimal solution, it IS working, so this is a very big step forward.
    Thanks for that.

    I'll use this for a wail to see IF and WHEN the files be changed. Si i can try to find the files used who creates this files to find a permenent solution (till upgrade:rolleyes: )

    Thanks, :D
    Maurice
     
  15. Cranky

    Cranky Guest

    0
     
    No problem.

    The files won't be overwritten until you upgrade Plesk, don't worry about that.
     
  16. dsoundmn

    dsoundmn Guest

    0
     
Loading...