Implement trusted hostname for web panel ( ? )
Currently (3.0.5.4p9
), at least when Apache is used, the ISPConfig panel is accessible on the port defined during installation, regardless of the hostname even if one is provided during install.
As an example, if I ask the installer to have SSL enabled for the example.com
domain on port 8080
, my panel is accessible at https://example.com:8080
.
When clients are hosted on the same IP, https://clientdomain.com:8080
will also take them to the panel page. I am uncertain whether this is a desired behavior, but my personal preference would be to have the option to limit ISPConfig panel access to the FQDN defined in the installer script.
It is trivial to fix (I currently patch it), by changing the generated ispconfig.vhost so that the
<VirtualHost _default_:8080>
line is replaced by a simple virtualhost that produces a 404, and the actual configuration resides in a virtualhost with the proper FQDN:
<VirtualHost _default_:8080>
DocumentRoot "/var/sample/404"
</VirtualHost>
<VirtualHost *:8080>
ServerName myfqdn.com
_default_:8080
Virtualhost produces a 404, and include all the configuration on a :8080 virtualhost
I am uncertain whether this would be of general use, however it is standard practice for my servers, and was wondering if it is something that others might find useful as well.