Skip to content
Hide whitespace changes
Inline Side-by-side
interface/web/tools/lib/lang/sk_interface.lng deleted 100644 → 0
View file @ c5b28475
<?php
$wb['interface_head_txt'] = 'Interface Settings';
$wb['interface_desc_txt'] = 'Modify your interface';
$wb['language_txt'] = 'Language';
$wb['startmodule_txt'] = 'Startmodule';
$wb['app_theme_txt'] = 'Design';
?>
interface/web/tools/lib/lang/sk_usersettings.lng
View file @ 3e0cb809
......@@ -9,4 +9,7 @@ $wb['generate_password_txt'] = 'Generate Password';
$wb['repeat_password_txt'] = 'Repeat Password';
$wb['password_mismatch_txt'] = 'The passwords do not match.';
$wb['password_match_txt'] = 'The passwords do match.';
$wb['language_txt'] = 'Language';
$wb['startmodule_txt'] = 'Startmodule';
$wb['app_theme_txt'] = 'Design';
?>
interface/web/tools/lib/lang/tr_interface.lng deleted 100644 → 0
View file @ c5b28475
<?php
$wb['interface_head_txt'] = 'Arayüz Ayarları';
$wb['interface_desc_txt'] = 'Arayüzü Düzenle';
$wb['language_txt'] = 'Dil';
$wb['startmodule_txt'] = 'Başlangıç modülü';
$wb['app_theme_txt'] = 'Tasarım';
?>
interface/web/tools/lib/lang/tr_usersettings.lng
View file @ 3e0cb809
......@@ -9,4 +9,7 @@ $wb['generate_password_txt'] = 'Parola Üret';
$wb['repeat_password_txt'] = 'Parola Onayı';
$wb['password_mismatch_txt'] = 'Parola ile onayı aynı değil.';
$wb['password_match_txt'] = 'Parola ile onayı aynı.';
$wb['language_txt'] = 'Dil';
$wb['startmodule_txt'] = 'Başlangıç modülü';
$wb['app_theme_txt'] = 'Tasarım';
?>
interface/web/tools/lib/module.conf.php
View file @ 3e0cb809
......@@ -5,7 +5,7 @@ global $conf;
$module['name'] = 'tools';
$module['title'] = 'top_menu_tools';
$module['template'] = 'module.tpl.htm';
$module['startpage'] = 'tools/index.php';
$module['startpage'] = 'tools/user_settings.php';
$module['tab_width'] = '60';
$module['order'] = '80';
......@@ -13,7 +13,7 @@ $module['order'] = '80';
//**** Change User password
$items = array();
$items[] = array( 'title' => 'Password and Language',
$items[] = array( 'title' => 'User Settings',
'target' => 'content',
'link' => 'tools/user_settings.php',
'html_id' => 'user_settings');
......@@ -24,23 +24,4 @@ $module['nav'][] = array( 'title' => 'User Settings',
'items' => $items);
unset($items);
//**** Change interface settings + load settings page of the activated theme
$items = array();
$items[] = array( 'title' => 'Interface',
'target' => 'content',
'link' => 'tools/interface_settings.php',
'html_id' => 'interface_settings');
if(file_exists(ISPC_WEB_PATH.'/tools/lib/interface.d/tpl_' . $_SESSION['s']['user']['app_theme'] . '.menu.php')) include_once ISPC_WEB_PATH.'/tools/lib/interface.d/tpl_' . $_SESSION['s']['user']['app_theme'] . '.menu.php';
$module['nav'][] = array( 'title' => 'Interface',
'open' => 1,
'items' => $items);
unset($items);
?>
interface/web/tools/templates/interface_settings.htm deleted 100644 → 0
View file @ c5b28475
<!-- TODO: If user theme change is activated -->
<div class="form-group">
<label for="app_theme" class="col-sm-3 control-label">{tmpl_var name='app_theme_txt'}</label>
<div class="col-sm-9"><select name="app_theme" id="app_theme" class="form-control">
{tmpl_var name='app_theme'}
</select></div>
</div>
<!-- TODO: Limit to activated modules -->
<div class="form-group">
<label for="startmodule" class="col-sm-3 control-label">{tmpl_var name='startmodule_txt'}</label>
<div class="col-sm-9"><select name="startmodule" id="startmodule" class="form-control">
{tmpl_var name='startmodule'}
</select></div>
</div>
<input type="hidden" name="id" value="{tmpl_var name='id'}">
<div class="clear"><div class="right">
<button class="btn btn-default formbutton-success" type="button" value="{tmpl_var name='btn_save_txt'}" data-submit-form="pageForm" data-form-action="tools/interface_settings.php">{tmpl_var name='btn_save_txt'}</button>
<button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='btn_cancel_txt'}" data-load-content="tools/index.php">{tmpl_var name='btn_cancel_txt'}</button>
</div></div>
interface/web/tools/templates/user_settings.htm
View file @ 3e0cb809
<div class="form-group">
<label for="passwort" class="col-sm-3 control-label">{tmpl_var name='password_txt'}</label>
<div class="col-sm-9">
<div class="input-group">
<input type="password" name="passwort" id="passwort" value="{tmpl_var name='passwort'}" class="form-control" autocomplete="off" onkeyup="pass_check(this.value);checkPassMatch('passwort','repeat_password');" />
<span class="input-group-btn">
<button class="btn btn-default" type="button" onclick="generatePassword('passwort','repeat_password');">{tmpl_var name='generate_password_txt'}</button>
</span>
</div>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">{tmpl_var name='password_strength_txt'}</label>
<div class="col-sm-9 checkbox">
<div id="passBar"></div>
<span id="passText">&nbsp;</span>
</div>
</div>
<div class="form-group">
<label for="repeat_password" class="col-sm-3 control-label">{tmpl_var name='repeat_password_txt'}</label>
<div class="col-sm-9"><input type="password" name="repeat_password" id="repeat_password" value="" class="form-control" autocomplete="off" onkeyup="checkPassMatch('passwort','repeat_password');" /></div></div>
<div class="form-group">
<div class="col-sm-offset-3 col-sm-9">
<div id="confirmpasswordError" style="display:none;" class="confirmpassworderror">{tmpl_var name='password_mismatch_txt'}</div>
<div id="confirmpasswordOK" style="display:none;" class="confirmpasswordok">{tmpl_var name='password_match_txt'}</div>
</div>
</div>
<div class="form-group">
<label for="language" class="col-sm-3 control-label">{tmpl_var name='language_txt'}</label>
<div class="col-sm-9"><select name="language" id="language" class="form-control flags">
{tmpl_var name='language'}
</select></div>
</div>
<input type="hidden" name="id" value="{tmpl_var name='id'}">
<div class="clear"><div class="right">
<button class="btn btn-default formbutton-success" type="button" value="{tmpl_var name='btn_save_txt'}" data-submit-form="pageForm" data-form-action="tools/user_settings.php">{tmpl_var name='btn_save_txt'}</button>
<button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='btn_cancel_txt'}" data-load-content="tools/index.php">{tmpl_var name='btn_cancel_txt'}</button>
</div></div>
<div class="form-group">
<label for="passwort" class="col-sm-3 control-label">{tmpl_var name='password_txt'}</label>
<div class="col-sm-9">
<div class="input-group">
<input type="password" name="passwort" id="passwort" value="{tmpl_var name='passwort'}" class="form-control" autocomplete="off" onkeyup="pass_check(this.value);checkPassMatch('passwort','repeat_password');" />
<span class="input-group-btn">
<button class="btn btn-default" type="button" onclick="generatePassword('passwort','repeat_password');">{tmpl_var name='generate_password_txt'}</button>
</span>
</div>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">{tmpl_var name='password_strength_txt'}</label>
<div class="col-sm-9 checkbox">
<div id="passBar"></div>
<span id="passText">&nbsp;</span>
</div>
</div>
<div class="form-group">
<label for="repeat_password" class="col-sm-3 control-label">{tmpl_var name='repeat_password_txt'}</label>
<div class="col-sm-9"><input type="password" name="repeat_password" id="repeat_password" value="" class="form-control" autocomplete="off" onkeyup="checkPassMatch('passwort','repeat_password');" /></div>
</div>
<div class="form-group">
<div class="col-sm-offset-3 col-sm-9">
<div id="confirmpasswordError" style="display:none;" class="confirmpassworderror">{tmpl_var name='password_mismatch_txt'}</div>
<div id="confirmpasswordOK" style="display:none;" class="confirmpasswordok">{tmpl_var name='password_match_txt'}</div>
</div>
</div>
<div class="form-group">
<label for="language" class="col-sm-3 control-label">{tmpl_var name='language_txt'}</label>
<div class="col-sm-9"><select name="language" id="language" class="form-control flags">
{tmpl_var name='language'}
</select>
</div>
</div>
<!-- TODO: If user theme change is activated -->
<div class="form-group">
<label for="app_theme" class="col-sm-3 control-label">{tmpl_var name='app_theme_txt'}</label>
<div class="col-sm-9"><select name="app_theme" id="app_theme" class="form-control">
{tmpl_var name='app_theme'}
</select>
</div>
</div>
<!-- TODO: Limit to activated modules -->
<div class="form-group">
<label for="startmodule" class="col-sm-3 control-label">{tmpl_var name='startmodule_txt'}</label>
<div class="col-sm-9"><select name="startmodule" id="startmodule" class="form-control">
{tmpl_var name='startmodule'}
</select>
</div>
</div>
<input type="hidden" name="id" value="{tmpl_var name='id'}">
<div class="clear">
<div class="right">
<button class="btn btn-default formbutton-success" type="button" value="{tmpl_var name='btn_save_txt'}" data-submit-form="pageForm" data-form-action="tools/user_settings.php">{tmpl_var name='btn_save_txt'}</button>
<button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='btn_cancel_txt'}" data-load-content="tools/index.php">{tmpl_var name='btn_cancel_txt'}</button>
</div>
</div>
interface/web/tools/user_settings.php
View file @ 3e0cb809
......@@ -86,22 +86,50 @@ class page_action extends tform_actions {
if($_POST['passwort'] != $_POST['repeat_password']) {
$app->tform->errorMessage = $app->tform->lng('password_mismatch');
}
$language = $app->functions->check_language($_POST['language']);
$_SESSION['s']['user']['language'] = $language;
$_SESSION['s']['language'] = $language;
}
function onAfterUpdate() {
global $app;
if($_POST['passwort'] != '') {
$tmp_user = $app->db->queryOneRecord("SELECT passwort FROM sys_user WHERE userid = ?", $_SESSION['s']['user']['userid']);
$_SESSION['s']['user']['passwort'] = $tmp_user['passwort'];
unset($tmp_user);
}
$this->updateSessionTheme();
if($this->_theme_changed == true) {
// not the best way, but it works
header('Content-Type: text/html');
print '<script type="text/javascript">document.location.reload();</script>';
exit;
}
}
var $_theme_changed = false;
function updateSessionTheme() {
global $app, $conf;
if($this->dataRecord['app_theme'] != 'default') {
$tmp_path = ISPC_THEMES_PATH."/".$this->dataRecord['app_theme'];
if(!@is_dir($tmp_path) || (@file_exists($tmp_path."/ispconfig_version") && trim(file_get_contents($tmp_path."/ispconfig_version")) != ISPC_APP_VERSION)) {
// fall back to default theme if this one is not compatible with current ispc version
$this->dataRecord['app_theme'] = 'default';
}
}
if($this->dataRecord['app_theme'] != $_SESSION['s']['user']['theme']) $this->_theme_changed = true;
$_SESSION['s']['theme'] = $this->dataRecord['app_theme'];
$_SESSION['s']['user']['theme'] = $_SESSION['s']['theme'];
$_SESSION['s']['user']['app_theme'] = $_SESSION['s']['theme'];
}
function onAfterInsert() {
$this->onAfterUpdate();
}
}
......
remoting_client/API-docs/content.html
View file @ 3e0cb809
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<title>ISPCOnfig 3 remote API documentation</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.command {
padding: 1em;
border: 1px dashed #2f6fab;
color: black;
background-color: #f9f9f9;
line-height: 1.1em;
font-family: Courier New, Courier, mono;
font-size: 12px;
font-style: italic;
}
.system {
color: black;
font-family: Courier New, Courier, mono;
font-size: 12px;
font-style: italic;
}
.highlight {
color: #FF0000;
font-family: Georgia, "Times New Roman", Times, serif;
font-size: 12px;
text-decoration: underline;
}
-->
</style></head><body style="color: rgb(0, 0, 0); background-color:#FFFFFF;;" alink="#804080" link="#804080" vlink="#603060">
<div style="padding:40px">
<h2>Home</h2>
<br>
ISPConfig 3 remote API documentation.
</div>
</body></html>
<html>
<head>
<title>ISPCOnfig 3 remote API documentation</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.command {
padding: 1em;
border: 1px dashed #2f6fab;
color: black;
background-color: #f9f9f9;
line-height: 1.1em;
font-family: Courier New, Courier, mono;
font-size: 12px;
font-style: italic;
}
.notes {
color: #17075c;
font-family: Georgia, "Times New Roman", Times, serif;
font-size: 14px;
}
.preface {
color: black;
font-family: Georgia, "Times New Roman", Times, serif;
font-size: 14px;
}
a:link,
a:visited {
text-decoration: none;
}
a:hover,
a:active {
text-decoration: underline;
}
.question {
font-size: 14px;
padding: 0em 0em 0em 1em;
}
.answer {
padding: 0em 0em 0em 2em;
}
-->
</style>
</head>
<body>
<div style="padding:40px">
<h2>ISPConfig 3 Remote API Documentation</h2>
<div class="notes">
<h3>Notes</h3>
<p class="preface">These notes are new for v3.2 and the content will change.<br />
This is currently in FAQ format, because the topics seem to be Frequently Asked Questions.<br />
Over time, notes will also be added to individual function pages.<br />
If you would like to help with this process, please visit the forum, and add your comments to <a
href="https://www.howtoforge.com/community/threads/api-doc-you-can-help.84944/">this thread</a>
which has been created for this purpose.<br />
Thank you for your patience and collaboration.
</p>
<h4 class="question">What do we do to get started with API calls?</h4>
<div class="answer">
<p>Create a "Remote" User in the ISPConfig UI. Check boxes there to assign permissions for
the kinds of queries that can be processed by that user.</p>
<p>Almost all API queries require a session_id. To get that, call the login function, sending the remote
username and password. The response will be a single value which will be used as your session ID for
a limited time period for all other requests.</p>
<p>Finishing with a logout request is recommended, but optional since the session IDs expire.</p>
</div>
<h4 class="question">How do I get all records with a _get request?</h4>
<div class="answer">Rather than using a single integer ID as a primary key selector (domain_id, group_id,
etc), use -1. Where the primary key for a _get request is a string, use an empty array ' [] '. Do not
use an empty string ' "" ', which is itself a valid string and will/should return an empty array result.
</div>
<h4 class="question">Are defaults used if we only send some of the defined parameters?</h4>
<div class="answer">No, there are no default values except where explicitly noted. For example, in the
system_config_get function, the key element is optional because it is documented as defaulting to an
empty string. For all requests, except where documented otherwise, send all documented parameters.</div>
<h4 class="question">Examples are provided for SOAP, why not for REST?</h4>
<div class="answer">The REST API supports all functions and can be exactly substituted for SOAP examples.
For all functions, the request and response parameters are the same for SOAP and REST.</div>
<h4 class="question">Are there examples for cURL? Python? C#? JavaScript? (anything else...)</h4>
<div class="answer">The documentation details request and response parameters which can be passed using any
language or toolchain. The URL always includes the function name. Queries are always sent via POST. The
result is always in the same JSON format. Use Postman or another tool to generate code in your preferred
languages.</div>
<h4 class="question">I created a new record (domain, mail user, etc). Why isn't it showing in the UI?</h4>
<div class="answer">If a parent ID is invalid, a transaction may be accepted, with a record created under a
different parent entity.
</div>
<h4 class="question">Why does a response show a successful result when there is no data?</h4>
<div class="answer">Carefully check the names and values being sent. Invalid name/value pairs are ignored. A
request that does not include a valid request paramenter is requesting nothing, so the return value is
nothing. The query was successful, and returned no data.</div>
<h4 class="question">Why are parameters $session_id and others being ignored?</h4>
<div class="answer">The documentation shows PHP function syntax. SOAP and REST parameters do not include the
leading $dollar-sign</div>
<h4 class="question">Key Concept:</h4>
<div class="answer">Based on the above you may be thinking there is very little error checking with this
API. That is correct. As noted by Jesse Norell: <blockquote>"The api is largely just an interface to the
database tables, and will usually accept what you send, whether that's consistent/correct or not. It
can be a feature, eg. you can create a mail alias first before creating the mailbox to which it
forwards, but it does mean you have a lot more testing to do on your side because you can't just
rely on an error to be thrown if you send inconsistent data."</blockquote>
</div>
<h4 class="question">What is sys_userid and sys_groupid?</h4>
<div class="answer">
<p>These fields are referenced often in the developer forum and in code, usually with some confusion.
These internal database fields are used in SQL queries to determine parent/child client
relationships. The fields are not passed to API calls, with the exception of one function,
client_get_id which is a convenience function to return the client_id for a sys_userid. In the past
other functions included these keys in the request. Now, when a function request includes a
client_id, at query time a lookup is done to get the internal sys_userid for that client.</p>
<p>The sys_userid can identify the creator of a record. This may be the ID of the local/UI user or the
remote/API user that is logging in to create records. If a client record is created without a
reseller, both the sys_userid and the sys_groupid are the same user ID.</p>
<p>If a client record is created with a reseller, the meaning of the fields is completely different. The
sys_userid is not a logged-in user ID. It is a new ID that represents the client under the reseller.
The sys_groupid for a client under a reseller is (a foreign-key to) the sys_userid of the client
record for the reseller. In this scenario, the sys_groupid establishes a child-to-parent
relationship.</p>
</div>
<h4 class="question">What domains are the 'domains_' functions operating on?</h4>
<div class="answer">The 'domains_' functions update the 'domains' table, which is used by the domain limit
module. Clients and resellers are restricted to the domains in this table. To activate domain limits, go
to System > Interface > Main Config, then to the Domains tab. Logout/in. Then go to Sites, Add or Edit a
site, the "Domain" dropdown list uses this table.</div>
<h4 class="question">What will be here next?</h4>
<div class="answer">Maybe something you write... </div>
</div>
</div>
</body>
</html>
\ No newline at end of file
remoting_client/API-docs/mail_user_add.html
View file @ 3e0cb809
......@@ -38,7 +38,7 @@
<p class="margin"> autoresponder_end_date&nbsp;&nbsp;(<span class="paratype">datetime</span>)</p>
<p class="margin"> autoresponder_text&nbsp;&nbsp;(<span class="paratype">mediumtext</span>)</p>
<p class="margin"> autoresponder_subject&nbsp;&nbsp;(<span class="paratype">varchar(255)</span>)</p>
<p class="margin"> move_junk&nbsp;&nbsp;(<span class="paratype">enum('n','y')</span>)</p>
<p class="margin"> move_junk&nbsp;&nbsp;(<span class="paratype">enum('y','a','n')</span>)</p>
<p class="margin"> custom_mailfilter&nbsp;&nbsp;(<span class="paratype">mediumtext</span>)</p>
<p class="margin"> postfix&nbsp;&nbsp;(<span class="paratype">enum('n','y')</span>)</p>
<p class="margin"> access&nbsp;&nbsp;(<span class="paratype">enum('n','y')</span>)</p>
......
remoting_client/API-docs/mail_user_update.html
View file @ 3e0cb809
......@@ -36,7 +36,7 @@
<p class="margin"> autoresponder_start_date&nbsp;&nbsp;(<span class="paratype">datetime</span>)</p>
<p class="margin"> autoresponder_end_date&nbsp;&nbsp;(<span class="paratype">datetime</span>)</p>
<p class="margin"> autoresponder_text&nbsp;&nbsp;(<span class="paratype">mediumtext</span>)</p>
<p class="margin"> move_junk&nbsp;&nbsp;(<span class="paratype">enum('n','y')</span>)</p>
<p class="margin"> move_junk&nbsp;&nbsp;(<span class="paratype">enum('y','a','n')</span>)</p>
<p class="margin"> custom_mailfilter&nbsp;&nbsp;(<span class="paratype">mediumtext</span>)</p>
<p class="margin"> postfix&nbsp;&nbsp;(<span class="paratype">enum('n','y')</span>)</p>
<p class="margin"> access&nbsp;&nbsp;(<span class="paratype">enum('n','y')</span>)</p>
......
remoting_client/examples/client_change_password.php
View file @ 3e0cb809
......@@ -15,11 +15,21 @@ try {
}
//* Set the function parameters.
$domain = 'test.int';
$record_record = $client->mail_domain_get_by_domain($session_id, $domain);
$client_id = 1;
$new_password = 'YourNewPassword';
$success = $client->client_change_password($session_id, $client_id, $new_password);
if ($success == 1)
{
echo "Password has been changed successfully";
}
else
{
echo "Error";
}
print_r($record_record);
echo "<br>";
if($client->logout($session_id)) {
......
security/apache_directives.blacklist
View file @ 3e0cb809
/^\s*(LoadModule|LoadFile|Include|IncludeOptional)(\s+|[\\\\])/mi
/^\s*(SuexecUserGroup|suPHP_UserGroup|suPHP_PHPPath|suPHP_ConfigPath)(\s+|[\\\\])/mi
/^\s*(FCGIWrapper|FastCgiExternalServer)(\s+|[\\\\])/mi
\ No newline at end of file
/^\s*(FCGIWrapper|FastCgiExternalServer)(\s+|[\\\\])/mi
/^\s*(CustomLog|ErrorLog)(\s+|[\\\\])/mi
security/ids.whitelist
View file @ 3e0cb809
......@@ -55,4 +55,6 @@ user:/login/index.php:POST.password
user:/mail/mail_domain_edit.php:POST.dkim_private
user:/mail/mail_domain_edit.php:POST.dkim_public
user:/mail/mail_domain_edit.php:POST.dns_record
user:/sites/web_vhost_domain_edit.php:POST.fastcgi_php_version
\ No newline at end of file
admin:/mail/mail_user_filter_edit.php:POST.searchterm
user:/mail/mail_user_filter_edit.php:POST.searchterm
admin:/mail/mail_user_edit.php:POST.custom_mailfilter
server/conf/apache_apps.vhost.master
View file @ 3e0cb809
######################################################
# This virtual host contains the configuration
# for the ISPConfig apps vhost
......@@ -14,16 +13,54 @@
<FilesMatch "\.ph(p3?|tml)$">
SetHandler None
</FilesMatch>
# SSL Configuration
<tmpl_var name="ssl_comment">SSLEngine On
<tmpl_if name='apache_version' op='>=' value='2.3.16' format='version'>
<tmpl_var name="ssl_comment">SSLProtocol All -SSLv3 -TLSv1 -TLSv1.1
<tmpl_else>
<tmpl_var name="ssl_comment">SSLProtocol All -SSLv2 -SSLv3
</tmpl_if>
<tmpl_var name="ssl_comment">SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
<tmpl_var name="ssl_comment">SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
<tmpl_var name="ssl_bundle_comment">SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle
<tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
<tmpl_var name="ssl_comment">SSLHonorCipherOrder On
<tmpl_if name='apache_version' op='>=' value='2.4.3' format='version'>
<tmpl_var name="ssl_comment">SSLCompression Off
</tmpl_if>
<tmpl_if name='apache_version' op='>=' value='2.4.11' format='version'>
<tmpl_var name="ssl_comment">SSLSessionTickets Off
</tmpl_if>
<IfModule mod_headers.c>
RequestHeader unset Proxy early
# ISPConfig 3.1 currently requires unsafe-line for both scripts and styles, as well as unsafe-eval
Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'"
<tmpl_var name="ssl_comment">Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests"
Header set X-Content-Type-Options: nosniff
Header set X-Frame-Options: SAMEORIGIN
Header set X-XSS-Protection: "1; mode=block"
Header always edit Set-Cookie (.*) "$1; HTTPOnly"
<tmpl_var name="ssl_comment">Header always edit Set-Cookie (.*) "$1; Secure"
<IfVersion >= 2.4.7>
Header setifempty Strict-Transport-Security "max-age=15768000"
</IfVersion>
<IfVersion < 2.4.7>
Header set Strict-Transport-Security "max-age=15768000"
</IfVersion>
RequestHeader unset Proxy early
</IfModule>
{tmpl_if name="enable_spdy" op="==" value="y"}
<IfModule spdy_module>
SpdyEnabled on
<tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'>
<tmpl_var name="ssl_comment">SSLUseStapling On
<tmpl_var name="ssl_comment">SSLStaplingResponderTimeout 5
<tmpl_var name="ssl_comment">SSLStaplingReturnResponderErrors Off
</tmpl_if>
<IfModule mod_headers.c>
RequestHeader unset Proxy early
</IfModule>
{/tmpl_if}
<IfModule mod_php5.c>
DocumentRoot {tmpl_var name='apps_vhost_dir'}
......@@ -39,7 +76,7 @@
</tmpl_if>
</Directory>
</IfModule>
<IfModule mod_php7.c>
DocumentRoot {tmpl_var name='apps_vhost_dir'}
AddType application/x-httpd-php .php
......@@ -54,16 +91,16 @@
</tmpl_if>
</Directory>
</IfModule>
<IfModule mod_fcgid.c>
DocumentRoot {tmpl_var name='apps_vhost_dir'}
SuexecUserGroup ispapps ispapps
<Directory {tmpl_var name='apps_vhost_dir'}>
Options +Indexes +FollowSymLinks +MultiViews +ExecCGI
AllowOverride AuthConfig Indexes Limit Options FileInfo
<FilesMatch "\.php$">
SetHandler fcgid-script
</FilesMatch>
<FilesMatch "\.php$">
SetHandler fcgid-script
</FilesMatch>
FCGIWrapper {tmpl_var name='apps_vhost_basedir'}/php-fcgi-scripts/apps/.php-fcgi-starter .php
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
Require all granted
......@@ -86,4 +123,8 @@
</VirtualHost>
<tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'>
<IfModule mod_ssl.c>
<tmpl_var name="ssl_comment">SSLStaplingCache shmcb:/var/run/ocsp(128000)
</IfModule>
</tmpl_if>
server/conf/apache_ispconfig.conf.master
View file @ 3e0cb809
......@@ -35,6 +35,10 @@ CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m
</tmpl_if>
</Directory>
<Directory /var/www>
Options -Indexes
</Directory>
<Directory /var/www/conf>
AllowOverride None
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
......@@ -132,7 +136,7 @@ Alias /.well-known/acme-challenge /usr/local/ispconfig/interface/acme/.well-know
Allow from all
</tmpl_if>
<IfModule mpm_itk_module>
AssignUserId www-data www-data
AssignUserId <tmpl_var name='system_user'> <tmpl_var name='system_group'>
</IfModule>
</Directory>
......
server/conf/awstats_index.php.master
View file @ 3e0cb809
......@@ -45,10 +45,21 @@ arsort($awprev);
$options = "";
foreach ($awprev as $key => $value)
{
if(file_exists($value.'/awsindex.html') && file_exists($value.'/goaindex.html')) {
$awstatsindex = 'awsindex.html';
} elseif(file_exists($value.'/awsindex.html') && !file_exists($value.'/goaindex.html')) {
$awstatsindex = 'awsindex.html';
} else {
$awstatsindex = 'goaindex.html';
}
if($key == $current) $options .= "<option selected=\"selected\" value=\"{$awstatsindex}\">{$value}</option>\n";
else $options .= "<option value=\"{$value}/{$awstatsindex}\">{$value}</option>\n";
}
$awstatsindex = 'awsindex.html';
$html = "<!DOCTYPE html>\n<html>\n<head>\n<title>Stats</title>\n";
$html .= "<style>\nhtml,body {margin:0px;padding:0px;width:100%;height:100%;background-color: #ccc;}\n";
$html .= "#header\n{\nwidth:100%;margin:0px auto;\nheight:20px;\nposition:fixed;\npadding:4px;\ntext-align:center;\n}\n";
......@@ -60,4 +71,4 @@ $html .= $options;
$html .= "</select>\n</div>\n<iframe src=\"{$awstatsindex}\" id=\"content\"></iframe>\n";
$html .= "</body></html>";
echo $html;
?>
\ No newline at end of file
?>
server/conf/bind_pri.domain.master
View file @ 3e0cb809
......@@ -26,6 +26,9 @@ $TTL {tmpl_var name='ttl'}
<tmpl_if name="type" op='==' value='CNAME'>
{tmpl_var name='name'} {tmpl_var name='ttl'} CNAME {tmpl_var name='data'}
</tmpl_if>
<tmpl_if name="type" op='==' value='DNAME'>
{tmpl_var name='name'} {tmpl_var name='ttl'} DNAME {tmpl_var name='data'}
</tmpl_if>
<tmpl_if name="type" op='==' value='DS'>
{tmpl_var name='name'} {tmpl_var name='ttl'} DS {tmpl_var name='data'}
</tmpl_if>
......@@ -50,6 +53,9 @@ $TTL {tmpl_var name='ttl'}
<tmpl_if name="type" op='==' value='SRV'>
{tmpl_var name='name'} {tmpl_var name='ttl'} SRV {tmpl_var name='aux'} {tmpl_var name='data'}
</tmpl_if>
<tmpl_if name="type" op='==' value='SSHFP'>
{tmpl_var name='name'} {tmpl_var name='ttl'} SSHFP {tmpl_var name='data'} {tmpl_var name='data'}
</tmpl_if>
<tmpl_if name="type" op='==' value='TLSA'>
{tmpl_var name='name'} {tmpl_var name='ttl'} TLSA {tmpl_var name='data'}
</tmpl_if>
......@@ -60,5 +66,3 @@ $TTL {tmpl_var name='ttl'}
{tmpl_var name='name'} {tmpl_var name='ttl'} TYPE257 {tmpl_var name='data'}
</tmpl_if>
</tmpl_loop>
server/conf/goaccess_index.php.master 0 → 100644
View file @ 3e0cb809
<?php
$yearmonth_text = "Jump to previous stats: ";
$script = "<script>function load_content(url){var iframe = document.getElementById(\"content\");iframe.src = url;}</script>\n";
if ($handle = opendir('.'))
{
while(false !== ($file = readdir($handle)))
{
if (substr($file,0,1) != "." && is_dir($file))
{
$orderkey = substr($file,0,4).substr($file,5,2);
if (substr($file,5,2) < 10 )
{
$orderkey = substr($file,0,4)."0".substr($file,5,2);
}
$goaprev[$orderkey] = $file;
}
}
$month = date("n");
$year = date("Y");
if (date("d") == 1)
{
$month = date("m")-1;
if (date("m") == 1)
{
$year = date("Y")-1;
$month = "12";
}
}
$current = $year.$month;
if ( $month < 10 ) {
$current = $year."0".$month;
}
$goaprev[$current] = $year."-".$month;
closedir($handle);
}
arsort($goaprev);
$options = "";
foreach ($goaprev as $key => $value)
{
if(file_exists($value.'/awsindex.html') && file_exists($value.'/goaindex.html')) {
$goaccessindex = 'goaindex.html';
} elseif(file_exists($value.'/awsindex.html') && !file_exists($value.'/goaindex.html')) {
$goaccessindex = 'awsindex.html';
} else {
$goaccessindex = 'goaindex.html';
}
if($key == $current) $options .= "<option selected=\"selected\" value=\"{$goaccessindex}\">{$value}</option>\n";
else $options .= "<option value=\"{$value}/{$goaccessindex}\">{$value}</option>\n";
}
$goaccessindex = 'goaindex.html';
$html = "<!DOCTYPE html>\n<html>\n<head>\n<title>Stats</title>\n";
$html .= "<meta charset=\"UTF-8\">\n";
$html .= "<style>\nhtml,body {margin:0px;padding:0px;width:100%;height:100%;background-color: #ccc;}\n";
$html .= "#header\n{\nwidth:100%;margin:0px auto;\nheight:20px;\nposition:fixed;\npadding:4px;\ntext-align:center;\n}\n";
$html .= "iframe {width:100%;height:95%;margin:0px;margin-top:40px;border:0px;padding:0px;}\n</style>\n</head>\n<body>\n";
$html .= $script;
$html .= "<div id=\"header\">{$yearmonth_text}\n";
$html .= "<select name=\"goadate\" onchange=\"load_content(this.value)\">\n";
$html .= $options;
$html .= "</select>\n</div>\n<iframe src=\"{$goaccessindex}\" id=\"content\"></iframe>\n";
$html .= "</body></html>";
echo $html;
?>
server/conf/nginx_apps.vhost.master
View file @ 3e0cb809
......@@ -191,7 +191,7 @@ server {
fastcgi_pass unix:{cgi_socket};
}
location /images/mailman {
location ^~ /images/mailman {
alias /usr/share/images/mailman;
}
......