Implement trusted hostname for web panel ( ? )
220.127.116.11p9), at least when Apache is used, the ISPConfig panel is accessible on the port defined during installation, regardless of the hostname even if one is provided during install.
As an example, if I ask the installer to have SSL enabled for the
example.com domain on port
8080, my panel is accessible at
When clients are hosted on the same IP,
https://clientdomain.com:8080 will also take them to the panel page. I am uncertain whether this is a desired behavior, but my personal preference would be to have the option to limit ISPConfig panel access to the FQDN defined in the installer script.
It is trivial to fix (I currently patch it), by changing the generated ispconfig.vhost so that the
line is replaced by a simple virtualhost that produces a 404, and the actual configuration resides in a virtualhost with the proper FQDN:
<VirtualHost _default_:8080> DocumentRoot "/var/sample/404" </VirtualHost> <VirtualHost *:8080> ServerName myfqdn.com
_default_:8080 Virtualhost produces a 404, and include all the configuration on a :8080 virtualhost
I am uncertain whether this would be of general use, however it is standard practice for my servers, and was wondering if it is something that others might find useful as well.