Web-server configuration

  1. The information about the web-domain settings is kept in the ISPmanager internal base. Manual changes made to the configuration files will be lost when modifying parameters from the control panel if the settings that you have made manually conflict with those configured in the control panel. Those changes will be saved when editing a domain, if possible.
  2. Settings of every web-domain are kept in a separate file. The files are located in directories based on the domain owner name.
  3. Access to directories (diraccess) is specified in the web-server configuration file in the file with the settings of the corresponding web-domain (.htaccess was used in the previous version)
  4. PHP can work through both Apache and Nginx (php-fpm is used). As now you can use PHP without Apache, using Apache and Nginx may not start the Apache server, if the request can be processed by Nginx.
  5. You can use multiple IP addresses for web-domain.
  6. Activating SSL in the Nginx settings will create a separate “server” section
  7. logrotate is used for rotating logs and errors.

Web server settings


The following parameters are used regardless the type of your web-server

path php-cgi <full path>

A path to the executable file php-cgi

WebDefaultAliases <list of aliases>

List of aliases that will be available to users when ordering a web-domain. You may use the _name_ macros, to add the line into the name of the main domain.

BackendBind <ip address+port>

IP address where the back-end will be set up(the web-server to which the front-end server will send requests). If both Nginx and Apache back-end are installed — Apache.

WebModules <list of module>

List of web-domains that are used.

WebUser <name>

Username which privileges the web-server uses (you must specify the name, rather than uid).

WebGroup <name>

A group which privileges the web-server uses (you must specify the name, rather than gid).

WebRestartDelay <seconds>

The minimum period of time between server restart.

ApsExtRepository <repository URL>

A path to the xml-file of the external APS.

Option ApsRepositoryUpdated

Do not update the list of APS-scrips when starting the panel.

Option DisableSecurePhpBin

Do not create the php-bin secure directory (DefaultHomeDir/php-bin/username) for user and hard links for php and php.ini from the user home directory into a secure directory (php as CGI or FastCGI (Apache)). php and php.ini will be created in the user’s php-bin directory.

The list of available encoding for the web-domain from the file etc/charset. Only utf-8 is specified by default.

Apache configuration

When the panel starts is gets the information about Apache modules:

cgi_module

Support of CGI scripts

fastcgi_module or fcgid_module

Support of PHP as FastCGI

php5_module

Support of PHP as Apache module

If CGI is supported the file specified in path php-cgi, you will be able to use PHP as CGI

Following is a list of parameters that are to configure the control panel according to a certain Apache version: 

Option ApacheITK

It is added if Apache ITK is used. AssignUserID is specified instead of the SuexecUserGroup directive

path apachectl <name>

A path to the program/script that is used for Apache restart. It must process the following parameters: -M (get a list of modules), graceful (soft reboot), restart (hard reboot, which is used when adding/deleting IP addresses)

path apache-vhosts <directory>

A directory where files with web-domain settings will be created

path apache.conf <path>

A path to the Apache main configuration file, where Listen and NameVirtualHost will be specified

ApacheWidePorts <list of ports>

For specifying ports in Apache Listen will be added for all IP address of the server. By default: 80 443. This will enable to decrease the number of hard reboots of Apache.

Nginx configuration

The control panel checks that php-fpm is enabled. If it is found, PHP as FastCGI can be used in web-domain settings.

Following is a list of parameters that are used for customizing the control panel:

path nginx-vhosts <directory>

A directory where files with web-domain settings will be created

path nginx-vhosts-includes <list of directories>

paths to files with additional settings that will be added into “server” for each domain (the Include directory is used)

path fpm-pool.d <directory>

A directory where files with php-fpm settings will be created

path fpm-service <name>

Name of the php-fpm service. It is used for restart upon new user creation.

path nginx-static <regular expression>

It is used for defining files that Nginx must send.

path nginxctl <command>

It is used to restart Nginx when adding new web-domains. It must process the following parameters: reload (re-read the web-domain settings), restart (restart Nginx that is used for adding/deleting IP addresses), stop/start (restart Nginx is used for converting settings in case the web-domain is added/deleted)

path nginx-configtest <command>

Check contents of the Nginx configuration file. The default value is path nginxctl configtest

path nginx <command>

Restart the panel to check Nginx performance. It must process the -V parameter correctly

ForwardedSecret <string>

It is used to prevent fake IP addresses

Example

Setting

path nginx-static ~* ^youscript.ext$

will create location

location ~* ^youscript.ext$ {
   try_files $uri $uri/ @fallback;
}

instead of

location ~* ^.+.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ {
    try_files $uri $uri/ @fallback;
}

ForwardedSecret

If you redirect requests from Nginx into the panel, we define a reverse address by the X-Forwarded-For HTTP header. Fraudulent will be able to change a reverse address using that header enabling him to use COOKIE for sending requests as if it is another user. The panel will ignore X-Forwarded-For, if the request does not contain X-Forwarded-Secret with the same value as specified in the configuration file.

Web-server restart


The web-server is restarted in 2 seconds after the last change of the settings. If during that time more changes are made, the server will be restarted in 2 seconds. You can also specify the WebRestartDelay parameter that specifies the minimum period between web-server reboot.

If the changes are not applied to the list of IP addresses/ports, a soft reboot of the web-server will be made. Otherwise, the whole server will reboot.

Templates of web-server’s configuration files


Starting from version 5.64 you can configure the web-server using the Template engine for configuration files .

You can use the information in this section only if your panel version is before 5.64 or doesn’t have the parameter Option EnableWebTemplate in the configuration file. 

Configuration file templates can be used by the server administrator to modify web-server’s configuration files for a specific web-domain.

Templates do not modify the settings specified by ISPmanager but allow adding additional records.

Template files are located in:

  • etc/templates/apache-vhost.template — template of the web-domain configuration file for Apache
  • etc/templates/nginx-vhost.template — template of the web-domain configuration file for Nginx

These template files are used for generating the configuration file of a certain web-domain. You may use macros for your convenience — special records that will be changed into corresponding values.

Macros have the following format: *__{PARAMETER_NAME}__*, macros names must be always upper-case

You can use any upper-case parameter of the control panel session (i.e. web-domain creation or edit request session) as a parameter name. You can also use additional parameters.

Example of macros for session parameters:

  • _NAME_ — web-domain name
  • _OWNER_ — web-domain owner
  • _ALIASES_ — list of web-domain aliases
  • _EMAIL_ — web-domain administrator email
  • _DIRINDEX_ — list of web-domain index pages
  • _CHARSET_ — web-domain default page encoding

Additional macros:

  • _HOSTNAME_ — domain name of the server where the control panel is installed
  • _LISTEN_ON_ — list of sequences such as IP-address:port that are used by web-domain

Example

Create the following template to add records into server location /

server {	
  server_name __NAME__ __ALIASES__;        
  location / {        
  try_files $uri $uri/ /index.php?$args;        
  rewrite /wp-admin$ $scheme://$host$uri/ permanent; 
  }  
}

Be sure to specify *server_name __NAME__ __ALIASES__;* in the template, otherwise, ISPmanager cannot define the _server_ to add data to, and add one more _server_ into the end of the file.

Logs rotation


The web-server logs are specified into the httpd-logs directory that is not available to users. In the user home directory, the “logs” directory is created where hard links to access and error logs of the user web-domains are created. Besides, the old copies of logs are also saved into the “logs” directory.

ISPmanager 5 uses logrotate for web-server logs rotation.

path logrotate.d <directory>

Specifies a directory, where logrotate will be kept (separate file for each web-domain)

LogrotateInfiniteValue <integer>

Specifies the number of archives to keep, if the unlimited value is not set in the control panel. 

Log analyzer


In theory, ISPmanager can work with any logs analyzers. The following analyzers are currently supported:

  • AWStats
  • Webalizer

path analyzer.d <directory>

The directory where scripts for log analysis are saved (separate files for each web-domain)

When you are installing the analyzer the following section will be added in the configuration file of the control panel:

Analyzer awstats {
  ConfPath /etc/awstats/awstats.__NAME__.conf
  BinPath /usr/lib/cgi-bin/awstats.pl
  Lang en
  Lang ru
}

ConfPath

The path where the analyzer settings for a certain web-domain will be saved.

BinPath

The path to the executable file

Lang

Supported languages. The Analyzer section may contain any number of such lines.

When activating the analyzer the corresponding script template from the etc/template directory (the file name matches the analyzer name) is taken. All the macros will be placed there (a complete list of macros can be found when enabling debug for the web module) and are paste into analyzer.d. The configuration will be created as well. From etc/template a corresponding .conf file will be taken. All the macros will be changed, and it will be saved into the file specified in ConfPath (_NAME_ is changed into the web domain name).

The script that you will receive will be called from logrotate each time logs rotation is running. If you select a rotation period, the script execution will be added into a cron job.

The following parameters of the control panel’s configuration file are also used when configuring web-domains to correctly display statistics:

  • AwstatsEncoding — encoding of the AWStats report html-pages
  • WebalizerEncoding — encoding of the Webalizer report html-pages

By default, these parameters are specified in “utf-8”

Re-configuring web-server


Sometimes when working the web-server and control you may need to reconfigure the web-server. Configuration files of all the web-domains that were created in the control panel, will be re-created.

Note! Performing this operation will delete all the manual changes made to the configuration file! 

Consequently, execute the following functions:

webreconfigure.initialize with parameter shutdown=on
webreconfigure.restore

Let’s consider the following example using mgrctl :

/usr/local/mgr5/sbin/mgrctl -m ispmgr webreconfigure.initialize shutdown=on
/usr/local/mgr5/sbin/mgrctl -m ispmgr webreconfigure.restore

info@mustanhost.com
8.00-20.00