在端口80上使用Apache的反向代理功能(Debian Etch)运行ISPConfig 2

在端口80上使用Apache的反向代理功能(Debian Etch)运行ISPConfig 2 本文介绍如何配置Debian Etch系统...

使用Apache的反向代理功能(Debian Etch)在端口80上运行ISPConfig 2

版本1.0
作者:Falko Timme

本文介绍如何配置Debian Etch系统,其中安装了Web Hosting控制面板ISPConfig 2 ,以便可以在端口80上访问ISPConfig。默认情况下,ISPConfig使用作为非标准端口的端口81,并被某些防火墙和ISP。 通过使用Apache的mod_proxy模块,我们可以避免这个问题。 它允许我们创建一个可从端口81上的ISPConfig获取页面的反向代理。

请注意:本教程仅关于ISPConfig 2,它与ISPConfig 3不兼容。对于ISPConfig 3 ,github中提供了一个Nginx反向插件。

我不会保证这将为您工作!

1初步说明

我已经在Debian Etch系统上测试过了。 虽然本教程中的一些命令是Debian特定的,但大多数命令可以应用于任何其他Linux发行版(特别是Apache配置)。

我在本教程中使用主机名ispconfig.example.com 。 本教程的目标是访问http://ispconfig.example.com下的ISPConfig 。 我将在两个不同的章节中展示如何执行此操作:如果在http://ispconfig.example.com:81(http )下安装了 ISPConfig, 则将其中一章,如果ISPConfig安装在https:// ispconfig .example.com:81https )。

2 ISPConfig使用http(http://ispconfig.example.com:81)

为了创建http请求的反向代理,我们需要Apache模块mod_proxymod_proxy_http 。 这些已经安装在标准的Debian Etch Apache 2.2安装中,所以我们要做的就是使它们能够实现:

a2enmod proxy
a2enmod proxy_http

之后,我们必须重新加载Apache:

/etc/init.d/apache2 force-reload

接下来,我们必须配置Apache。 打开/etc/apache2/apache2.conf并搜索此部分:

vi /etc/apache2/apache2.conf

[...]
# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/

<Directory /var/www/sharedip>
    Options +Includes -Indexes
    AllowOverride None
    AllowOverride Indexes AuthConfig Limit FileInfo
    Order allow,deny
    Allow from all
    <Files ~ "^\.ht">
    Deny from all
    </Files>
</Directory>
[...]

在本节之前,我们添加以下几行:

NameVirtualHost *
<VirtualHost *>
        ServerName ispconfig.example.com
        DocumentRoot /var/www/
        ProxyRequests Off

        <Proxy *>
          Order deny,allow
          Allow from all
        </Proxy>

        ProxyPass / http://ispconfig.example.com:81/
        ProxyPassReverse / http://ispconfig.example.com:81/
</VirtualHost>

看起来像这样:

[...]
NameVirtualHost *
<VirtualHost *>
        ServerName ispconfig.example.com
        DocumentRoot /var/www/
        ProxyRequests Off

        <Proxy *>
          Order deny,allow
          Allow from all
        </Proxy>

        ProxyPass / http://ispconfig.example.com:81/
        ProxyPassReverse / http://ispconfig.example.com:81/
</VirtualHost>

# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/

<Directory /var/www/sharedip>
    Options +Includes -Indexes
    AllowOverride None
    AllowOverride Indexes AuthConfig Limit FileInfo
    Order allow,deny
    Allow from all
    <Files ~ "^\.ht">
    Deny from all
    </Files>
</Directory>
[...]

然后重新启动Apache:

/etc/init.d/apache2 restart

如果你收到这样的警告:

server1:~/ispconfig/httpd/conf# /etc/init.d/apache2 restart
Forcing reload of web server (apache2)...[Tue May 22 23:23:12 2007] [warn] NameVirtualHost *:0 has no VirtualHosts
[Tue May 22 23:23:22 2007] [warn] NameVirtualHost *:0 has no VirtualHosts

那么你可以在/etc/apache2/apache2.conf注释掉 Include / etc / apache2 / sites-enabled /

vi /etc/apache2/apache2.conf

[...]
# Include the virtual host configurations:
#Include /etc/apache2/sites-enabled/
[...]

或者您在/ etc / apache2 / sites-available / default的开头注释掉NameVirtualHost *行:

vi /etc/apache2/sites-available/default

#NameVirtualHost *
[...]

重新启动Apache:

/etc/init.d/apache2 restart

警告现在应该走了。

最后,我们必须修改ISPConfig配置文件/home/admispconfig/ispconfig/lib/config.inc.php 。 你应该找到这样的东西:

vi /home/admispconfig/ispconfig/lib/config.inc.php

[...]
if(isset($_SERVER['HTTP_HOST'])){
  $go_info["server"]["server_url"] = 'http://'.$_SERVER['HTTP_HOST'];
} else {
  $go_info["server"]["server_url"] = "http://ispconfig.example.com:81";
}
[...]

修改它,使其看起来像这样:

[...]
//if(isset($_SERVER['HTTP_HOST'])){
//  $go_info["server"]["server_url"] = 'http://'.$_SERVER['HTTP_HOST'];
//} else {
  $go_info["server"]["server_url"] = "http://ispconfig.example.com";
//}
[...]

而已。 打开浏览器并输入http://ispconfig.example.com ,您应该会看到ISPConfig登录提示。

3 ISPConfig使用https(https://ispconfig.example.com:81)

为了创建http请求的反向代理,我们需要Apache模块mod_proxymod_proxy_http 。 这些已经安装在标准的Debian Etch Apache 2.2安装中,所以我们要做的就是使它们能够实现:

a2enmod proxy
a2enmod proxy_http

因为我们的Apache反向代理必须能够“通话”到https站点( https://ispconfig.example.com:81 ),我们还需要模块mod_proxy_connectmod_ssl

a2enmod proxy_connect
a2enmod ssl

之后,我们必须重新加载Apache:

/etc/init.d/apache2 force-reload

接下来,我们必须配置Apache。 打开/etc/apache2/apache2.conf并搜索此部分:

vi /etc/apache2/apache2.conf

[...]
# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/

<Directory /var/www/sharedip>
    Options +Includes -Indexes
    AllowOverride None
    AllowOverride Indexes AuthConfig Limit FileInfo
    Order allow,deny
    Allow from all
    <Files ~ "^\.ht">
    Deny from all
    </Files>
</Directory>
[...]

在本节之前,添加以下行:

NameVirtualHost *
<VirtualHost *>
        ServerName ispconfig.example.com
        DocumentRoot /var/www/
        ProxyRequests Off

        <Proxy *>
          Order deny,allow
          Allow from all
        </Proxy>

        ProxyPass / https://ispconfig.example.com:81/
        ProxyPassReverse / https://ispconfig.example.com:81/

        SSLProxyEngine on
        AllowCONNECT 81
</VirtualHost>

看起来像这样:

[...]
NameVirtualHost *
<VirtualHost *>
        ServerName ispconfig.example.com
        DocumentRoot /var/www/
        ProxyRequests Off

        <Proxy *>
          Order deny,allow
          Allow from all
        </Proxy>

        ProxyPass / https://ispconfig.example.com:81/
        ProxyPassReverse / https://ispconfig.example.com:81/

        SSLProxyEngine on
        AllowCONNECT 81
</VirtualHost>

# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/

<Directory /var/www/sharedip>
    Options +Includes -Indexes
    AllowOverride None
    AllowOverride Indexes AuthConfig Limit FileInfo
    Order allow,deny
    Allow from all
    <Files ~ "^\.ht">
    Deny from all
    </Files>
</Directory>
[...]

然后重新启动Apache:

/etc/init.d/apache2 restart

如果你收到这样的警告:

server1:~/ispconfig/httpd/conf# /etc/init.d/apache2 restart
Forcing reload of web server (apache2)...[Tue May 22 23:23:12 2007] [warn] NameVirtualHost *:0 has no VirtualHosts
[Tue May 22 23:23:22 2007] [warn] NameVirtualHost *:0 has no VirtualHosts

那么你可以在/etc/apache2/apache2.conf注释掉 Include / etc / apache2 / sites-enabled /

vi /etc/apache2/apache2.conf

[...]
# Include the virtual host configurations:
#Include /etc/apache2/sites-enabled/
[...]

或者您在/ etc / apache2 / sites-available / default的开头注释掉NameVirtualHost *行:

vi /etc/apache2/sites-available/default

#NameVirtualHost *
[...]

重新启动Apache:

/etc/init.d/apache2 restart

警告现在应该走了。

最后,我们必须修改ISPConfig配置文件/home/admispconfig/ispconfig/lib/config.inc.php 。 你应该找到这样的东西:

vi /home/admispconfig/ispconfig/lib/config.inc.php

[...]
if(isset($_SERVER['HTTP_HOST'])){
  $go_info["server"]["server_url"] = 'https://'.$_SERVER['HTTP_HOST'];
} else {
  $go_info["server"]["server_url"] = "https://ispconfig.example.com:81";
}
[...]

修改它,使其看起来像这样:

[...]
//if(isset($_SERVER['HTTP_HOST'])){
//  $go_info["server"]["server_url"] = 'https://'.$_SERVER['HTTP_HOST'];
//} else {
  $go_info["server"]["server_url"] = "http://ispconfig.example.com";
//}
[...]

请确保它读取http://ispconfig.example.com ,而不是https://ispconfig.example.com

而已。 打开浏览器并输入http://ispconfig.example.com ,您应该会看到ISPConfig登录提示。