Serie 1.3.x - Panel listening ports - CloudFlare

**viper_iii** · Jul 28th 2016

ran the below command to change my panel to https...
Currently on 1.3.0 - Debian - Wheezy - php 5.5 installed

Code

perl /var/www/imscp/engine/setup/imscp-reconfigure -dar panel_ssl

and now the panel won't respond to https/http...

if I re-run the command it will go back to http..

in the setup I chose:
Yes - continue
Yes - Activate SSL
No - Don't have Cert(expect that means it will create a selfsigned for admin.domain.com)
https - Default access mode -

cannot access the panel after this point..
(it is still using port 8080 over https correct? - so no additional firewall ports need to be pass into our private network do they?

not sure which specific log might show where an error might be located... or where the self signed cert might be located if not applied?

-- to regain access --
re-run the command and change default mode to http
which gets access back via http - but still not running or able to connect via https

- I'm sure I'm missing a step or at the part No don't have cert is the issue?

- hopefully provided enough information per:
Reporting Rules
(generally not a bug - usually self generated)

mafioso · Jul 28th 2016

https has port 4443 as default port

**viper_iii** · Jul 28th 2016

yup... That should fix it... Will forward that shortly AND retest

Thx!

**viper_iii** · Jul 28th 2016

ok found another issue - have the correct ports forwarded however found the server is listening to hostname on https : 4443 vs * like other services..

so if I goto hxxps://admin.domain.com:4443 it will not load - Server Not Found
however if I goto hxxps://hostname.domain.com:4443 it loads but has a cert for admin.domain.com -

Not sure where to edit the nginx config to listen for the alias name - at least it appears it will only listen on that name which is odd... but appears to be that way...

mafioso · Jul 28th 2016

nginx is listening to the base server ip, so you surely have no server defined for admin.domain.com. Plesse check your DNS entriss.

**viper_iii** · Jul 28th 2016

hummm.... Was resolving fine prior to enabling https for panel...

Will pm hostnames and up... Uses cloudflare so won't see direct ip without pm.

Can see nginx listening ipv4 and ipv6 but v4 shows host.domaon.com:4443

v6 shows
*:4443

Connected with fqdn after adding matching to DNS... But now none work..... Now wondering if it's firewall related vs server.

**viper_iii** · Jul 28th 2016

problem was cloudflare...

Can't handle the port I guess... Go direct and works fine...

Yup.... https://blog.cloudflare.com/cl…ow-supporting-more-ports/

Can I change port - to 8443?

**Nuxwin** · Jul 28th 2016

@viper_iii

All issues here are on your own side... As admin, you should be able to answer those questions yourself

Quote from viper_iii

Can I change port - to 8443?

I'll act a bit like a teacher here... For any command, you generally get all available options using the --help option:

Shell-Script

# perl /var/www/imscp/engine/setup/imscp-reconfigure --help

Output is:

Shell-Script

# perl /var/www/imscp/engine/setup/imscp-reconfigure --helpUsage: perl imscp-reconfigure [OPTION]...-a --skip-package-update Skip i-MSCP packages update.-c --clean-package-cache Cleanup i-MSCP package cache.-d, --debug Force debug mode.-h,-? --help Show this help.-l, --listener <file> Path to listener file.-n, --noprompt Switch to non-interactive mode.-p, --preseed <file> Path to preseed file.-r, --reconfigure [item] Type `help` for list of allowed items.-v --verboseEnable verbose mode.-x, --fix-permissions Fix permissions recursively.

So now what? I want to reconfigure something (here the listening ports for the panel). The missing info here is: Which item I need to pass as argument of the --reconfigure command line option to reconfigure the listening ports for the panel. Oh, the --reconfigure command line option description say: Type `help` for list of allowed items.

Then, I do like a robot I'm:

Shell-Script

# perl /var/www/imscp/engine/setup/imscp-reconfigure --reconfigure helpUsage: perl imscp-reconfigure [OPTION]...-a --skip-package-update Skip i-MSCP packages update.-c --clean-package-cache Cleanup i-MSCP package cache.-d, --debug Force debug mode.-h,-? --helpShow this help.-l, --listener <file> Path to listener file.-n, --noprompt Switch to non-interactive mode.-p, --preseed <file> Path to preseed file.-r, --reconfigure [item] Type `help` for list of allowed items.-v --verbose Enable verbose mode.-x, --fix-permissions Fix permissions recursively.Reconfigure option usage:Without any argument, this option allows to reconfigure all items. You canreconfigure a specific item by passing it name as argument.Available items are:admin|all|antirootkits|backup|filemanager|ftpd|hostnames|httpd|mailfilters|mtanamed|panel|panel_hostname|panel_ports|panel_ssl|php|po|primary_ip|serversservices_ssl|sql|sqlmanager|ssl|system_hostname|timezone|webmails|webstats

So now, I know that for the reconfiguration of the listening ports for the panel, I must pass panel_ports as argument of the --reconfigure command line option:

Shell-Script

# perl /var/www/imscp/engine/setup/imscp-reconfigure --reconfigure panel_ports

**viper_iii** · Jul 28th 2016

fair enough
will give that a shot shortly
And report back

Thank you

**Nuxwin** · Jul 28th 2016

@viper_iii

I've just sent a message to Cloudflare team for adding support for the 4443 port for https:

Code

Hello,
I'm the director of the i-MSCP (internet Multi Server Control Panel) opensource project. By default our panel is listening on non-standard ports which are:
http: 8080
https: 4443
Could you support the 4443 port too for https?
See https://blog.cloudflare.com/cloudflare-now-supporting-more-ports/ for the relevant documentation on your side.
Thank you.
_______________________________
Laurent Declercq
i-MSCP Project Director
https://www.i-mscp.net

Display More

I'm now waiting for their answer (If I get one).

Serie 1.3.x - Panel listening ports - CloudFlare

Share

Daily visitors