Control panel URL
By default, the control panel runs through the in-built web-server ihttpd. The web-interface URL:
Web-interface URL. Port 1501
https://<server IP address>:1501/dnsmgrYou can configure a URL to open a control panel by the domain name.
There are two ways:
- Configure ihttpd;
- Configure nginx + ihttpd.
Configuring ihttpd
DNSmanager 6 uses the ihttpd-dns service to run the ihttpd web server.
If you do not plan to use any third-party web applications on your server, change the web-server ports to 80 and 443, e.g.:
configuration file /usr/local/mgr5/etc/ihttpd.conf
listen {
ip 10.10.10.10
port 443
}
listen {
ip 10.10.10.10
port 80
redirect
}10.10.10.10 is the IP address that we use only as an example. Change it into the public IP.
This configuration allows ihttpd to accept connections on 80 and 443 ports. The redirect will be set from port 80 to port 443.
After you have modified the configuration file, restart the service:
service ihttpd-dns restartConfiguring Nginx + ihttpd
Install Nginx if ISPmanager is already installed on the server. To do so, go to the Settings → Features → Web-server (WWW) → Edit.
In ISPmanager Business, this web-server is installed by default.
If ISPmanager isn't installed on your server, install Nginx manually:
CentOS
yum install nginxUbuntu
apt-get install nginx AlmaLinux
dnf install nginxAlmaLinux
firewall-cmd --zone=public --permanent --add-port=80/tcp
firewall-cmd --zone=public --permanent --add-port=443/tcpNginx settings
Add the following lines to the nginx configuration file /etc/nginx/nginx.conf or to the /etc/nginx/conf.d file you created:
Nginx configuration file
server {
listen 10.10.10.10:443 ssl;
server_name my.domain.com;
ssl_certificate /opt/ispsystem/dnsmanager6/etc/manager.crt;
ssl_certificate_key /opt/ispsystem/dnsmanager6/etc/manager.key;
set $mgr_proxy "https://10.10.10.10:1501";
location ^~ /manimg/ {
alias /opt/ispsystem/dnsmanager6/skins/;
}
location / {
proxy_pass $mgr_proxy;
proxy_redirect $mgr_proxy /;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Secret mary123;
chunked_transfer_encoding off;
}
location ^~ /mancgi/ {
proxy_pass $mgr_proxy;
proxy_redirect $mgr_proxy /;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Secret mary123;
chunked_transfer_encoding off;
}
}ForwardedSecret — if Nginx is set up, this is a combination of letters and digits constituting a key that is used for checking authentication from certain IP addresses. It helps protect from invalid login attempts.
Note:
The secret phrase specified in the nginx configuration file (proxy_set_header X-Forwarded-Secret directive) must match the phrase specified in the control panel configuration files (dnsmgr.conf, ForwardedSecret directive).
When adding the passphrase to the nginx configuration file, add it to the control panel configuration files (/opt/ispsystem/dnsmanager6/etc/dnsmgr.conf) as well.
Restart the control panel to apply the changes in the configuration file:
/opt/ispsystem/dnsmanager6/sbin/mgrctl -m dnsmgr exitTo open the control panel through the https protocol, configure the redirect. To do so, add the following information to Nginx configuration file:
https redirect
server {
listen 10.10.10.10:80;
server_name my.domain.com;
rewrite ^(.*)$ https://$server_name$1 permanent;
}my.domain.com is the domain name that we use as an example here. You should use your website domain name.
Restart Nginx to apply the changes:
service nginx restartihttpd settings
In the ihttpd configuration file /opt/ispsystem/dnsmanager6/etc/ihttpd.conf remove the redirect raw to avoid address cyclic readdressing.