Седат Игдеджи, Sedat Igdeci, Cedat Igdeci, Bekir Igdeci, Lidiya Igdeci, Elizaveta Igdeci

Add a WWW-domain

How to create a website on the server with ISPmanager

A website is a webpage on the Internet that you can access through its URL. Website layout and content are formed by its source files. To make your website available to all users, you need to create it on a server connected to the Internet. To create a website in ISPmanager go to Domains → WWW-domains → Add.

Note

Before you create a WWW-domain, you need to install the web-server. Learn more under Set up a web-server.

To modify the web-server settings for the WWW-domain go to Domains → WWW-domains → Config. ISPmanager checks only the syntax of the data that were specified manually in the configuration files.

When you add a WWW-domain, the system automatically creates a domain name. Learn more in Domain names.

Main settings


  1. Enter a WWW-domain Name.

     Details

    The following string is added into the Nginx configuration file for the WWW-domain:

    Nginx configuration file
    server_name <WWW-domain name>;

    The following string is added into the Apache configuration file for the WWW-domain:

    Apache configuration file
    ServerName <WWW-domain name>
  2. Aliases — enter the name of the alias(es) that you want to add for this WWW-domain. By default, after you enter a WWW-domain name the alias “www.<domain name>” is set automatically. The A-record is created for the alias. Learn more under Resource records.

     Details

    The following string is added into the Nginx configuration file for the WWW-domain:

    Nginx configuration file
    server_name <WWW-domain name>;

    aliases of the WWW-domain are added:

    Nginx configuration file
    server_name <WWW-domain name> <WWW-domain aliases>;

    The following string is added into the Apache configuration file for the WWW-domain:

    Apache configuration file
    ServerAlias <WWW-domain aliases>;
  3. Enter a Root directory of the website. It contains the website files on the server. 

     Details

    The following strings are added into the Nginx configuration file for the WWW-domain:

    Nginx configuration file
    set $root_path <path to the root directory>; root $root_path;

    The following string is added into the Apache configuration file for the WWW-domain:

    Apache configuration file
    DocumentRoot <path to the root directory>
  4. Select a content management system (CMS) in the Select a script field.  A CMS is used to add different content to a website (articles, photos, pages, etc.). If you don’t have a CMS you will need to edit the website source file manually in order to add or edit the content.  ISPmanager supports CMS Drupal, Prestashop, WordPress, joomla, phpBB.

  5. Select a WWW-domain Owner. This is an ISPmanager user.

     Details

    A directory with the username is created in <path to the Nginx directory>/vhosts. The directory contains the Nginx configuration file <WWW-domain>.conf for the WWW-domain.

    A directory with the username is created in <path to the Apache directory>/conf/vhosts. The directory contains the Apache configuration file <WWW-domain> for the WWW-domain.

  6. Select an IP-address source:
    1. allocate automatically — the control panel selects an IP address from the pool in Settings → IP addresses.
    2. enter manually — you can select an IP address in the  IP address field from the list of IPs in Settings→ IP addresses.

       Details

      The following string is added into the Nginx configuration file for the WWW-domain:

      Nginx configuration file
      listen <IP address>:<port>;

      The following string is added into the Apache configuration file for the WWW-domain:

      Apache configuration file
      <VirtualHost <IP address>:<port>>

      Port 80 is used per default for an insecure connection and port 443 is used for a secure one.

  7. Enter the Administrator email that will be displayed on the web-server and WWWd-domain error pages.

     Details

    The following string is added into the Apache configuration file for the WWW-domain:

    Apache configuration file
    ServerAdmin <Administrator email>
  8. Select Encoding. It defines a set of characters to represent the content of your website:
    1. Do not select— use the default value for the database;
    2. utf-8 — contains any Unicode characters including Latin and Cyrillic ones. We recommend that you use this universal encoding; 
     Details

    The following string is added into the Nginx configuration file for the WWW-domain:

    Nginx configuration file
    charset <encoding>;

    The following string is added into the Apache configuration file for the WWW-domain:

    Apache configuration file
    AddDefaultCharset <encoding>

    Note

    To modify a list of encodings create the /usr/local/mgr5/etc/charset file and enter the required values.

  9. Enter the Index page of the website. This page will open if a user tries to open a website buy its domain name but doesn’t specify a certain page. E.g. trying to open www.example.com or www.example.com/test instead of www.example.com/index.php. You can enter several pages separated by spaces in descending order of priority. If the first page doesn’t exist, the second one will open, etc. 

     Details

    The following string is added into the Nginx configuration file for the WWW-domain:

    Nginx configuration file
    index <index pages>;

    The following string is added into the Apache configuration file for the WWW-domain:

    Apache configuration file
    DirectoryIndex <index pages>
  10. Check the SSI box to execute SSI commands before a page will be shown to users. SSI is a programming language which allows adding the dynamically generated content to a page.

     Details

    The following string is added into the Nginx configuration file for the WWW-domain:

    Nginx configuration file
    ssi on;

    The following string is added into the Apache configuration file for the WWW-domain:

    Apache configuration file
    Options +Includes 
  11. Select the Default domain check box. If several websites are associated with a single IP address and a user tries to open the website by its IP, the website marked as a “default domain” will be opened. If this option is not selected for any website, the first domain in the alphabetic order will be opened. 

     Details

    The following string in the Nginx configuration file for the WWW-domain

    Nginx configuration file
    listen <IP-address>:<port>;

    will be changed into

    Apache configuration file
    listen <IP-address>:<port> default;

    In <path to the Apache directory>/conf/vhosts-default/ a symlink to the Apache configuration file for the WWW-domain is created. символическая ссылка на конфигурационный файл Apache для WWW-домена.

    Note

    Enabling the Default domain name will check that the IP address specified for the domain is assigned to the existing default domain. If the domain exists, it won’t be a default one any longer.

  12. Select the Auto-subdomain creation method. This function allows creating subdomains automatically without modifying their configuration. Subdomains are added automatically when the subdirectory is created in the website root directory: 
    1. disabled — do not create subdomains;
    2. separate directory — subdomain files will be created in the subdirectories /var/www/www-root/data/ with the name of the subdomain. E.g. for the subdomain www.test.example.com which root directory is located in /var/www/www-root/data/example.com, the subdomain files must be created in  /var/www/www-root/data/test.example.com.

       Details

      The following strings are added into the Nginx configuration file for the WWW-domain:

      Nginx configuration file
      set $root_path /var/www/www-root/data/www; set $subdomain <WWW-domain name>; if ($host ~* ^((.*).<WWW-domain name>)$) { set $subdomain $1; } root $root_path/$subdomain;

      The following string is added into the Apache configuration file for the WWW-domain:

      Apache configuration file
      VirtualDocumentRoot /var/www/www-root/data/www/%0
    3. domain subdirectory  —  subdomain files will be created in subdirectories of the website root directory. E.g. for the subdomain www.test.example.com which root directory is located in/var/www/www-root/data/example.com, the subdomain files must be created in /var/www/www-root/data/example.com/test

       Details

      The following strings are added into the Nginx configuration file for the WWW-domain:

      Nginx configuration file
      set $root_path /var/www/www-root/data/www/<WWW-domain name>; set $subdomain ""; if ($host ~* ^((.*).<WWW-domain name>)$) { set $subdomain $2; } root $root_path/$subdomain;

      The following string is added into the Apache configuration file for the WWW-domain:

      Apache configuration file
      VirtualDocumentRoot /var/www/www-root/data/www/<WWW-domain name>/%1

      Note

      Selecting “separate directory” or “domain subdirectory” adds “*.<domain name>” into the  Aliases field.

    Note

    You can select Auto-subdomains provided that the Default option is disabled for the domain.

Secure connection 


 Select the checkbox Secure connection (SSL) if you want to use the secure connection through the SSL protocol. You will need to install an SSL certificate on the website. 

 Details

The second section server is created in the Nginx configuration file of the WWW-domain. The section contains the following strings:

Nginx configuration file
ssl_certificate "/var/www/httpd-cert/www-root/<WWW-domain name>.crt"; ssl_certificate_key "/var/www/httpd-cert/www-root/<WWW-domain name>.key"; ssl_ciphers EECDH:+AES256:-3DES:RSA+AES:!NULL:!RC4; ssl_prefer_server_ciphers on; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_dhparam /etc/ssl/certs/dhparam4096.pem listen [<IP-адрес>]:<port> ssl http2;

The second section server is created in the Apache configuration file of the WWW-domain. The section contains the following strings:

Apache configuration file
SSLEngine on SSLCertificateFile "/var/www/httpd-cert/www-root/<WWW-domain name>.crt" SSLCertificateKeyFile "/var/www/httpd-cert/www-root/<WWW-domain name>.key" SSLHonorCipherOrder on SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2 SSLCipherSuite EECDH:+AES256:-3DES:RSA+AES:!NULL:!RC4

Secure connection parameters:

  1. Select the HSTS option to enable encrypted connection and ensure better security. When HSTS is enabled for a website, browsers automatically change insecure requests to secure ones provided that the browser was connected to the website over a secure connection before. The server returns the response “301 Moved Permanently”;

     Details

    The following string is added into the Nginx configuration file for the WWW-domain:

    Nginx configuration file
    add_header Strict-Transport-Security "max-age=31536000;"

    The following strings are added into the Apache configuration file for the WWW-domain:

    Apache configuration file
    <IfModule headers_module> Header always set Strict-Transport-Security "max-age=31536000; preload" </IfModule>
  2. Check the Redirect HTTP-requests to HTTPS box to change insecure requests to secure ones. The server returns the response “301 Moved Permanently.

     Details

    The following string is added into the Nginx configuration file for the WWW-domain:

    Nginx configuration file
    return 301 https://$host:443$request_uri

    The following strings are added into the Apache configuration file for the WWW-domain:

    Apache configuration file
    RewriteEngine on RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
  3. Change the SSL port if needed. It is used to open a secure connection. The default value is “443”. 

     Details

    The port is specified in the Nginx configuration file of the WWW-domain:

    Nginx configuration file
    listen [<IP address>]:<port> ssl http2;

    and in the Apache configuration file of the WWW-domain:

    Apache configuration file
    <VirtualHost <IP address>:<port>>
  4. Select an SSL certificate that encrypts information transmitted between a user browser and a website.
    1. New self-signed — a free self-signed SSL certificate that is not trusted by browsers. When you open a website with a self-signed certificate, the browser will display a security alert. 
    2. New Let’s Encrypt — a free trusted SSL certificate. 

    For more information please refer to the article  SSL certificates.

DDoS-protection 


You can set up a DDoS-protection tool that allows blocking IP addresses that send too many requests.  This feature is available only on Nginx. For more information please refer to the article  Install a web-server. 

To enable the DDoS protection tool, open the WWW-domain edit form and select the Enable DDoS protection checkbox. 

  1. Requests per second — if the limit is exceeded,  requests from the IP address will be delayed for 5 minutes; 
  2. Maximum peak attack size — if the limit is exceeded, new requests will be blocked. 

 Details

The ngx_http_limit_req_module module allows limiting the rate of requests by the specified key or requests from a certain IP address. Learn more under DDoS protection.

Support of dynamic content


PHP-scripts

To enable support of PHP scripts for the website, activate the PHP option:

  1. PHP — select a PHP mode:

    • PHP as an Apache module — the apache mod_php module is used for PHP. One of its advantages is a higher speed capability.
    • PHP as CGI — PHP is run as a CGI script (Common Gateway Interface). It starts with each request and terminates after the script is executed.
    • PHP as FastCGI — Apache mod_fastcgi is used for PHP. 
    • FastCGI (Nginx + PHP-FPM) — dynamic content is managed by PHP-FPM.
  2. Select a PHP (CGI) version for “CGI” and “FastCGI (Apache)”. 
  3. Disable the Use open_basedir option for “Apache module” if you want to allow PHP-scripts access all the server directories. With this option enables access to the WWW-domain root directory will be restricted. .

For more information please refer to the article PHP modes.

CGI-scripts

To enable CGI-scripts for the website select the  CGI-scripts checkbox and select File extensions for the CGI-scripts.

Note

This option is available only for Apache. Learn more under Install a web-server.

 Details

The following strings is added into the Nginx configuration file for the WWW-domain:

Nginx configuration file
location / { location ~* ^.+.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ { try_files $uri $uri/ @fallback; } location / { try_files /does_not_exists @fallback; } } location @fallback { proxy_pass http://127.0.0.1:8080; proxy_redirect http://127.0.0.1:8080 /; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Port $server_port; access_log off; }

The following string is added into the Apache configuration file for the WWW-domain:

Apache configuration file
ScriptAlias /cgi-bin/ /var/www/<WWW-domain owner>/data/www/<domain name>/cgi-bin/ Options +ExecCGI AddHandler cgi-script <file extensions>

Logs


  1. Enable the option Access log to collect web-server statistics.

  2. Enable the log analyzer for the WWW-domain:
    1. Select an Analyzer.

      Note

      This feature is available provided that Apache and the modules Awstats or Webalizer are installed. Learn more under Install a web-server

    2. Select a statistics Period

    3. Select a Report language.

    4. Enable the Restrict access to statistics option. Enter a Password and Confirm it. The login is the name of the WWW-domain owner.  

  3. Error log — specify whether you want to store WWW-server error logs archives and rotate it.

  4. Select a Rotation period.

  5. Store archives —  enter the number of log file archives to be stored on the server. 

 Details

The following strings are added into the Nginx configuration file for the WWW-domain:

Nginx configuration file
access_log /var/www/httpd-logs/<WWW-domain name>.access.log; error_log /var/www/httpd-logs/<WWW-domain name>.error.log notice;

The following string is added into the Apache configuration file for the WWW-domain:

Apache configuration file
CustomLog /var/www/httpd-logs/<WWW-domain name>.access.log combined ErrorLog /var/www/httpd-logs/<WWW-domain name>.error.log

Note

Disk space occupied by the archives is included into the user quota. Learn more under Disk quotas.

To view the log go to Web-server settings → WWW-logs.

To view the reports go to Domains → WWW-domains → Statistics. Statistics for a WWW-domains is kept in /var/www/<WWW-domain name>/data/www/<WWW-domain>/webstat.

Learn more under Website statistics.

Optimization 


Website optimization allows improving your website performance. This option is available only for Nginx. 

  1. Enable the Compression check box to compress static content, i.e. the files that are not modified very often: images, sounds, music, video, etc. Normally, such files occupy much space and slow down your website. Enter the Compression level. The maximum value is 9. The minimum — 1. We recommend that you set 5.

     Details

    The following strings are added into the Nginx configuration file for the WWW-domain:

    Nginx configuration file
    gzip on; gzip_comp_level <compression level>; gzip_disable "msie6"; gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript

    Learn more in Enable compression.

  2. Select the Caching check box to enable website content caching and specify how long the data will stay in cache. If you have caching turned on, slow operations that run when a user opens the website will be saved for a specified period. It allows performing fewer operations and showing the prepared data to users. However, if the cached content has been changed, it will be invisible to your users until the caching period expires.

     Details

    The location section of the Nginx configuration file for the WWW-domain

    Nginx configuration file
    location / { location ~* ^.+.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ { try_files $uri $uri/ @fallback; }

    contains the string:

    Nginx configuration file
    expires <caching period>;

    Example:

    Nginx configuration file
    location / { location ~* ^.+.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ { expires 2h; try_files $uri $uri/ @fallback; }
info@mustanhost.com
8.00-20.00
Седат Игдеджи, Sedat Igdeci, Cedat Igdeci, Bekir Igdeci, Lidiya Igdeci, Elizaveta Igdeci