|Several people are unable to connect to DirectAdmin on port 2222 due to firewalls or proxies. It is possible to setup Apache to allow DirectAdmin to run through Apache using its proxy options.|
In this example, we'll setup DirectAdmin to run through with server IP . Type your server's hostname here: .
This can be tweaked however you wish.
**Note** if you're running custombuild, you must recompile apache by adding "--enable-proxy" \ to the configure/ap2/configure.apache file, and recompiling apache and php.
Also, for apache 2, the template is virtual_host2.conf, not virtual_host.conf.
new method AWith the custom template system, we can add sufficient overrides to not need to make any changes to the templates themselves.
Because cp.domain.com is a User Level domain, it cannot be your server.hostname.com, so they'll probably be different.
old method B1) Duplicate the VirtualHost template:
2) Make the changes to the template. Edit the newly copied virtual_host.conf files (repeat this for the other VirtualHost files if you copied them). Add
3) Skip this step with apache 2.4.
Enable mod_proxy in your /etc/httpd/conf/httpd.conf file. Edit that file and uncomment the followig lines (remove the # character)
LoadModule proxy_module modules/libproxy.so
AddModule mod_proxy.cNote that if you have mod_proxy compiled into your httpd binary (with apache 2), you only need to add the AddModule entry. To check your httpd binary, type:
/usr/sbin/httpd -land look for the mod_proxy bits.
4) rewrite the user httpd.conf files:
echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue
Wait a few minutes for the rewrite to happen and for apache to restart itself.
5) You'll also need to add a cp A record for all your domains so that cp.domain.com actually resolves. To get DA to add one by default for new zones:
6) Note that the Proxy requets will use a "Host" apache header value of "localhost", which causes the webmail, squirrelmail and phpMyAdmin links to be (eg): http://localhost/webmail. You can change that by adding:
|?HOSTNAME=yourhost.com|at the very top of /usr/local/directadmin/data/skins/enhanced/header.html so that it overwrite the previous setting of "localhost". Another method would be to use "ProxyPass / http://yourhost.com:2222/" instead of "ProxyPass / http://localhost:2222/".
7) As of DA 1.49.2, enable the X-Forwarded-For header option, so you get the correct IPs in the logs:
Note that you will likely need to shut off the Referer Header Check for DA versions 1.34.5 and newer.
Also, you cannot run DA with https if the proxy connection to the client is going to be just http (non-ssl). The reason is that there is a secure cookie flag when DA run with https, which tells the browser that this cookie should only be allowed on https connections.
proxy_pass value for Nginx assuming cp.domain.com and 184.108.40.206
/etc/nginx/nginx-includes.confand restart nginx.
LiteSpeed is slightly different in terms of using the ProxyPass option. For new method A, step 2, use the following instead:
[REWRITE] Proxy target is not defined on external application list, please add a 'web server' with name 'https://cp.domain.com:2222then you'll need to add an approved proxy web server in your LSWS panel login:
Configuration -> Server -> External App -> Addfor each host that will connect to DA. Should we find some way to override the "Host" value sent to LSWS from the redirect, then the value in the template could be unified, saving the need to load up everyone's cp.|DOMAIN| in the LSWS admin area. You'l also need to hit the "graceful reload" option after changing things.
You may need to use this feature to tell DA to trust certain X-forwarded-for values.
ErrorsIf you're still unable to login run DA in debug mode, level 2000.
Checking referer https://server.hostname.com/ to server.hostname.com:2222
|Using a custom VirtualHost template|
|Setting up webmail.domain.com as default for new domains.|
© 2018 JBMC Software, Suite 173 3-11 Bellerose Drive, St Albert, AB T8N 1P7 Canada. Mon-Fri 9AM-5PM MST