iMSCP behind a firewall

**MiGro94** · Jun 24th 2019

Hi,

first of all please excuse the stupid question, but I just can't get any further at the moment.

I have an iMSCP server behind a PFSense.

The forwarding itself works very well.

The problem is that I have different domains on my iMSCP instance. However, if I enter these domains via the Webgui, I only get to one page again and again.

So for example I have mgross.org and mgw94.de.

Both sites have different website contents based on iMSCP - but they all continue to work on mgross.org.

Somebody an idea?

Regards

Michael

Attached the forwarding rules

2019-06-24 16_41_57-Window.png

**Nuxwin** · Jun 24th 2019

Good evening,

For both sites please, show us the content of the Apache2 vhost (http and ssl versions) files. Don't forget to surround your copy-paste with bbcode tags.

**DrCarsonBeckett** · Jun 24th 2019

So you do mean that every page directs you to the contact of mgross.org?

If yes, was it like this from the very beginning oder did you change something?

Or what did you mean with "they all continue to work on mgross.org"?

Did you check the vhost files and log files?

Edit: Too late.

**MiGro94** · Jun 24th 2019

Hi,

thank you very much for your reply.

DrCarsonBeckett: This is correct - every page redirects to mgross.org - the problem was still from the beginning, because I have set up the environment yesterday evening.

Code: mgross.org.conf

<VirtualHost 192.168.1.12:80>
ServerAdmin xxxxxxxxxxxxxxxxxx
ServerName mgross.org
ServerAlias www.mgross.org dmn1.panel.mgross.org
DocumentRoot /var/www/virtual/mgross.org/htdocs
DirectoryIndex disabled
LogLevel error
ErrorLog /var/log/apache2/mgross.org/error.log
Alias /errors/ /var/www/virtual/mgross.org/errors/
SuexecUserGroup vu2003 vu2003
<Proxy "unix:/run/php/php5.6-fpm-mgross.org.sock|fcgi://mgross.org" retry=0>
ProxySet connectiontimeout=5 timeout=7200
</Proxy>
<Directory /var/www/virtual/mgross.org/htdocs>
Options FollowSymLinks
DirectoryIndex index.php
AllowOverride All
<If "%{REQUEST_FILENAME} =~ /\.ph(?:p[3457]?|t|tml)$/ && -f %{REQUEST_FILENAME}">
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
SetHandler proxy:fcgi://mgross.org
</If>
DirectoryIndex index.html index.xhtml index.htm
Require all granted
</Directory>
Alias /cgi-bin/ /var/www/virtual/mgross.org/cgi-bin/
<Directory /var/www/virtual/mgross.org/cgi-bin>
AllowOverride AuthConfig Indexes Limit Options=Indexes,MultiViews \
Fileinfo=RewriteEngine,RewriteOptions,RewriteBase,RewriteCond,RewriteRule Nonfatal=Override
DirectoryIndex index.cgi index.pl index.py index.rb
Options FollowSymLinks ExecCGI
AddHandler cgi-script .cgi .pl .py .rb
Require all granted
</Directory>
<Location /stats>
ProxyErrorOverride On
ProxyPreserveHost Off
ProxyPass http://127.0.0.1:8889/stats/mgross.org retry=1 acquire=3000 timeout=600 Keepalive=On
ProxyPassReverse http://127.0.0.1:8889/stats/mgross.org
</Location>
Include /etc/apache2/imscp/mgross.org.conf
</VirtualHost>

Display More

Code: mgross.org_ssl.conf

<VirtualHost 192.168.1.12:443>
ServerAdmin xxxxxxxxxxxxxxxxxxx
ServerName mgross.org
ServerAlias www.mgross.org dmn1.panel.mgross.org
DocumentRoot /var/www/virtual/mgross.org/htdocs
DirectoryIndex disabled
LogLevel error
ErrorLog /var/log/apache2/mgross.org/error.log
Alias /errors/ /var/www/virtual/mgross.org/errors/
SSLEngine On
SSLCertificateFile /var/www/imscp/gui/data/certs/mgross.org.pem
Header always set Strict-Transport-Security "max-age=0; includeSubDomains"
SuexecUserGroup vu2003 vu2003
<Proxy "unix:/run/php/php5.6-fpm-mgross.org.sock|fcgi://mgross.org" retry=0>
ProxySet connectiontimeout=5 timeout=7200
</Proxy>
<Directory /var/www/virtual/mgross.org/htdocs>
Options FollowSymLinks
DirectoryIndex index.php
AllowOverride All
<If "%{REQUEST_FILENAME} =~ /\.ph(?:p[3457]?|t|tml)$/ && -f %{REQUEST_FILENAME}">
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
SetHandler proxy:fcgi://mgross.org
</If>
DirectoryIndex index.html index.xhtml index.htm
Require all granted
</Directory>
Alias /cgi-bin/ /var/www/virtual/mgross.org/cgi-bin/
<Directory /var/www/virtual/mgross.org/cgi-bin>
AllowOverride AuthConfig Indexes Limit Options=Indexes,MultiViews \
Fileinfo=RewriteEngine,RewriteOptions,RewriteBase,RewriteCond,RewriteRule Nonfatal=Override
DirectoryIndex index.cgi index.pl index.py index.rb
Options FollowSymLinks ExecCGI
AddHandler cgi-script .cgi .pl .py .rb
Require all granted
</Directory>
<Location /stats>
ProxyErrorOverride On
ProxyPreserveHost Off
ProxyPass http://127.0.0.1:8889/stats/mgross.org retry=1 acquire=3000 timeout=600 Keepalive=On
ProxyPassReverse http://127.0.0.1:8889/stats/mgross.org
</Location>
Include /etc/apache2/imscp/mgross.org.conf
</VirtualHost>

Display More

Code: mgw94.de.conf

<VirtualHost 192.168.1.12:80>
ServerAdmin xxxxxxxxxxxxxxxxxxx
ServerName mgw94.de
ServerAlias www.mgw94.de dmn2.panel.mgross.org
DocumentRoot /var/www/virtual/mgw94.de/htdocs
DirectoryIndex disabled
LogLevel error
ErrorLog /var/log/apache2/mgw94.de/error.log
Alias /errors/ /var/www/virtual/mgw94.de/errors/
SuexecUserGroup vu2004 vu2004
<Proxy "unix:/run/php/php5.6-fpm-mgw94.de.sock|fcgi://mgw94.de" retry=0>
ProxySet connectiontimeout=5 timeout=7200
</Proxy>
<Directory /var/www/virtual/mgw94.de/htdocs>
Options FollowSymLinks
DirectoryIndex index.php
AllowOverride All
<If "%{REQUEST_FILENAME} =~ /\.ph(?:p[3457]?|t|tml)$/ && -f %{REQUEST_FILENAME}">
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
SetHandler proxy:fcgi://mgw94.de
</If>
DirectoryIndex index.html index.xhtml index.htm
Require all granted
</Directory>
Alias /cgi-bin/ /var/www/virtual/mgw94.de/cgi-bin/
<Directory /var/www/virtual/mgw94.de/cgi-bin>
AllowOverride AuthConfig Indexes Limit Options=Indexes,MultiViews \
Fileinfo=RewriteEngine,RewriteOptions,RewriteBase,RewriteCond,RewriteRule Nonfatal=Override
DirectoryIndex index.cgi index.pl index.py index.rb
Options FollowSymLinks ExecCGI
AddHandler cgi-script .cgi .pl .py .rb
Require all granted
</Directory>
<Location /stats>
ProxyErrorOverride On
ProxyPreserveHost Off
ProxyPass http://127.0.0.1:8889/stats/mgw94.de retry=1 acquire=3000 timeout=600 Keepalive=On
ProxyPassReverse http://127.0.0.1:8889/stats/mgw94.de
</Location>
Include /etc/apache2/imscp/mgw94.de.conf
</VirtualHost>

Display More

Unfortunately it is not possible to edit the font in "Code"-Section

I have now set up a 1:1 NAT on the firewall so that everything is passed to the web server - but unfortunately this also produces the same error.

Regards

Michael

**Nuxwin** · Jun 24th 2019

MiGro94

As I can see, you didn't posted any SSL vhost for the mgw94.de site. Default behavior for Apache when you are asking for inexistent site (here the mgw94.de SSL version), is to serve the first vhost found. So here, because there is no SSL vhost file for the mgw94.de site, Apache serve the SSL version of the mgross.org site. Regarding the redirection, this can be due to the HSTS feature which, I think, is enabled for the mgross.org SSL site.

If you do not want that behavior, you need to install the ServerDefaultPage i-MSCP plugin, or enable SSL for the mgw94.de site.

BTW: Because the browser cache HSTS redirects, you'll have to flush them after enabling SSL for the mgw94.de site, else, you'll be still redirected to the mgross.org ssl site...

**MiGro94** · Jun 24th 2019

** Now the monkey smilie is missing who puts his hands in front of his eyes. **

Thank you very much for assistance.

I wonder why I didn't notice it myself.

**Nuxwin** · Jun 24th 2019

Quote from MiGro94

** Now the monkey smilie is missing who puts his hands in front of his eyes. **

Thank you very much for assistance.

I wonder why I didn't notice it myself.

You're welcome

**Nuxwin** · Jun 24th 2019

Quote from Iceman

...

Edit: Too late.

Sorry (CHUCKLE)

**DrCarsonBeckett** · Jun 24th 2019

Hahaha. Thought about what he meant, removed a part and then re-added it. Took too long.

Btw, just noticed now that the serve default page is (does) way more than I expected it too be.

iMSCP behind a firewall

Nuxwin Jun 24th 2019

Share

Daily visitors