I've created a small guide with the details to configure the navigation of the server via proxy. Feel free to comment or discuss the information.
-
-
One of the problematic cases is when you go to Settings -> Software options
The code in software_options.php tries to download the xm file via file_get_contents so it will fail if navigation is blocked.
Have yet to figure a neat way to fix this.. -
-
One of the problematic cases is when you go to Settings -> Software options
The code in software_options.php tries to download the xm file via file_get_contents so it will fail if navigation is blocked.
Have yet to figure a neat way to fix this..Hello :
I the documentation you created, you say:
It's not true. The i-MSCP addons such as roundcube, phpmyadmin and ajaxplorer are still managed by us but in their own git repository and metadata for their repository are pulled from the packagist.org repository (Official repository for composer packages).
Also, it could be great if you add a title to your documentations.
Thanks.
-
Display More
Hello :
I the documentation you created, you say:
It's not true. The i-MSCP addons such as roundcube, phpmyadmin and ajaxplorer are still managed by us but in their own git repository and metadata for their repository are pulled from the packagist.org repository (Official repository for composer packages).
There are two different cases where i-mscp is connecting to the outside and that which ATM I still don't have totally clear.1.- On the software management menus all the downloads are processed via file_get_contents which doesn't support proxy configuration (only changing the php context stream)
2.- The packages for roundcube,phpmyadmin, etc.. are downloaded at some point, when exactly?
Quote
Also, it could be great if you add a title to your documentations.
Done, had forgot about that
-
-
Hello ;
The metadata for addon packages are stored on packagist.org and the package source on github.
https://packagist.org/search/?q=imscp
https://github.com/organizations/i-MSCPYou did not read that thread ??? http://forum.i-mscp.net/Thread…vailable-on-packagist-org
BTW: Using a proxy on a hosting server sound really strange...
-
Display More
Hello ;The metadata for addon packages are stored on packagist.org and the package source on github.
https://packagist.org/search/?q=imscp
https://github.com/organizations/i-MSCP
Had forgot about that, after looking more into it I see that in my case I didn't saw the links because the proper version were already on the cache. After using -c it redownloads again without problems (and using the proxy properly)
[quote='Nuxwin','http://migration.i-mscp.net/index.php/Thread/?postID=9638#post9638']
BTW: Using a proxy on a hosting server sound really strange...
http://forum.i-mscp.net/Thread…vailable-on-packagist-org
The vector used for most of the web attacks to install the toolkits for exploitation of the server is usually the http download. Hence blocking that and allowing only trusted browsing you are avoiding many risks. Since changing that policy the incidents are much more uncommon, specially on a hosting server where the customers don't update the websites with security patches. -
-
The vector used for most of the web attacks to install the toolkits for exploitation of the server is usually the http download. Hence blocking that and allowing only trusted browsing you are avoiding many risks. Since changing that policy the incidents are much more uncommon, specially on a hosting server where the customers don't update the websites with security patches.Re ;
I'm still in my position. Are you really thinking that customers will edit Web applications uploaded in their Web directory to make them compliant with any proxy you are using? I'm talking about applications that use Curl and so on... For now, It's not possible to setup proxy globally for PHP. You can do that with some workarounds (I've found one) but it's no viable for all contexts.
Well, that sounds really like a bad idea.
-
Quote
Re ;
I'm still in my position. Are you really thinking that customers will edit Web applications uploaded in their Web directory to make them compliant with any proxy you are using? I'm talking about applications that use Curl and so on... For now, It's not possible to setup proxy globally for PHP. You can do that with some workaround (I've found one) but it's no viable for all contexts.
Well, that sounds really like a bad idea.
I agree that's not a easy thing to deploy and there's resistance, but once you have it running, it's a joy, it's so easy to spot problems and debug customer issues related to this kind of stuff, and the increased security is also noticeable.
At least the most popular web platform currently (wordpress) supports proxy without problems, see here
And on the cases where the software is using php curl extensions it's trivial to add the proxy support.
In any case I'm content enough with the curl solution at this point
-
-
Ok, just updated the wiki page with a missing part (the environment variables)