Skip to content

Panel reverse proxy

As briefly discussed in #5236 (closed):

  • integrated a flag into security_settings.ini called reverse_proxy_panel_allowed
  • known values:
    • none (defaul if not set or unknown), this is as it works now
    • sites proxy is allowed for know sites (created via ispconfig)
    • all switch of cookie domain security complete (every host name is allowed to login via login form)
  • splitted session creation out of app::constructor 'cause otherwise there are some circular references to global $app variable. These references can not resolved when accessing database for the "site" value as far as I saw and understood.

Merge request reports