Enforcing ssl=ON for all Users, Resellers and their packages


Enter Your Query:
Use '%' for wildcards and quotes for "exact phrases"


Top Level » DirectAdmin » Custom Scripting
Top Level » SSL

Enforcing ssl=ON for all Users, Resellers and their packagesLast Modified: Dec 23, 2020, 2:19 pm
For the modern age, websites should be using SSL for their websites.
This guide provides a means to enforce it being enabled for all Users/Resellers, their domains, and packages used to create them.

  1. First, we'll setup the enforcement for actions in the GUI.
    1. Saving a package

      Create the directory and script:

      /usr/local/directadmin/scripts/custom/package_write_pre/enforce_ssl.sh

      with code:

      #!/bin/sh
      if [ "${ssl}" = "OFF" ]; then
             echo "SSL must be enabled";
             exit 1;
      fi
      exit 0;

    2. Account creation/modification

      create both:

      /usr/local/directadmin/scripts/custom/user_create_pre/enforce_ssl.sh
      /usr/local/directadmin/scripts/custom/user_modify_pre/enforce_ssl.sh

      with the same code as above.
    Chmod all scripts to 755:

    chmod 755 /usr/local/directadmin/scripts/custom/*/enforce_ssl.sh

  2. Change all Users, domains, and packages to use ssl=ON

    cd /usr/local/directadmin/data
    perl -pi -e 's/^ssl=OFF/ssl=ON/' data/users/*/user.conf
    perl -pi -e 's/^ssl=OFF/ssl=ON/' data/users/*/domains/*.conf
    perl -pi -e 's/^ssl=OFF/ssl=ON/' data/users/*/reseller.conf
    perl -pi -e 's/^ssl=OFF/ssl=ON/' admin/packages/*.pkg
    perl -pi -e 's/^ssl=OFF/ssl=ON/' data/users/*/packages/*.pkg

    Followed by rewriting the apache configs to use the values:

    cd /usr/local/directadmin/custombuild
    ./build rewrite_confs


© 2018 JBMC Software, Suite 173  3-11 Bellerose Drive, St Albert, AB  T8N 1P7  Canada.  Mon-Fri 9AM-5PM MST