Thank you for verify that a reverse proxy can accomplish what I'd like accomplished. I have the proxy subdomain redirects turned off (under WHM >> Tweak Settings) because there's no way to generate an SSL cert using Let's Encrypt for the various cPanel subdomains when they're turned on. cPanel supports auto-SSL now and perhaps that will generate SSL certs for the various cPanel subdomains, but last time I checked, it didn't.
Anyway, thanks for the response. Ken On Sun, Jan 1, 2017 at 11:22 PM, Yehuda Katz <yeh...@ymkatz.net> wrote: > Reverse proxy is the way to do it. Looking at one of my cPanel servers, it > looks like that might be set up by default (or at least an option to turn > it on). I have this config: > ([P] in the RewriteRule means reverse proxy) > > > # CPANEL/WHM/WEBMAIL/WEBDISK PROXY SUBDOMAINS > > <VirtualHost 192.0.2.2:443 127.0.0.1:443> > ServerName server.example.com > > ServerAlias cpanel.* whm.* webmail.* webdisk.* cpcalendars.* > cpcontacts.* > > DocumentRoot /usr/local/apache/htdocs > ServerAdmin hostmas...@server.example.com > <IfModule mod_suphp.c> > suPHP_UserGroup nobody nobody > </IfModule> > <Proxy "*"> > <IfModule mod_security2.c> > SecRuleEngine Off > </IfModule> > </Proxy> > RewriteEngine On > <IfModule mod_ssl.c> > SSLEngine on > SSLProxyEngine On > SSLProxyVerify none > # Setting to Off for backwards-compatibility > # Read for more info: http://httpd.apache.org/docs/ > 2.4/mod/mod_ssl.html#sslproxycheckpeercn > SSLProxyCheckPeerCN Off > SSLProxyCheckPeerName Off > SSLProxyCheckPeerExpire Off > SSLCertificateFile /var/cpanel/ssl/cpanel/mycpanel.pem > SSLCertificateKeyFile /var/cpanel/ssl/cpanel/mycpanel.pem > SSLCertificateChainFile /var/cpanel/ssl/cpanel/mycpanel.pem > > </IfModule> > RewriteCond %{HTTP_HOST} !^server.example.com$ > RewriteCond %{HTTP_HOST} ^cpanel. > RewriteCond %{HTTPS} on > RewriteRule ^/(.*) https://127.0.0.1:2083/$1 [P] > > RewriteCond %{HTTP_HOST} !^server.example.com$ > RewriteCond %{HTTP_HOST} ^webmail. > RewriteCond %{HTTPS} on > RewriteRule ^/(.*) https://127.0.0.1:2096/$1 [P] > > RewriteCond %{HTTP_HOST} !^server.example.com$ > RewriteCond %{HTTP_HOST} ^whm. > RewriteCond %{HTTPS} on > RewriteRule ^/(.*) https://127.0.0.1:2087/$1 [P] > > RewriteCond %{HTTP_HOST} !^server.example.com$ > RewriteCond %{HTTP_HOST} ^webdisk. > RewriteCond %{HTTPS} on > RewriteRule ^/(.*) https://127.0.0.1:2078/$1 [P] > > RewriteCond %{HTTP_HOST} !^server.example.com$ > RewriteCond %{HTTP_HOST} ^cpcalendars. > RewriteCond %{HTTPS} on > RewriteRule ^/(.*) https://127.0.0.1:2080/$1 [P] > > RewriteCond %{HTTP_HOST} !^server.example.com$ > RewriteCond %{HTTP_HOST} ^cpcontacts. > RewriteCond %{HTTPS} on > RewriteRule ^/(.*) https://127.0.0.1:2080/$1 [P] > > UseCanonicalName Off > </VirtualHost> > > > On Sun, Jan 1, 2017 at 10:20 PM, Spork Schivago <sporkschiv...@gmail.com> > wrote: > >> Yehuda, I understand that when I make changes in the Apache config, >> because I'm using cPanel, I have to do it just right. I know how to make >> changes so they don't get overwritten. I'd still like to know though if >> reverse proxies is what I'm looking for. Perhaps the Apache mailing list >> wasn't the best place to ask. Please ignore the part about cPanel all >> together. >> >> If I wanted to hide the port number from visitors so when they went to >> something like mydomain.com:2083, it'd show subdomain.mydomain.com >> instead, do you think I could accomplish that using a reverse proxy? Is >> there any other ways to accomplish this that anyone knows of? Thank you! >> >> Ken >> >> On Sun, Jan 1, 2017 at 10:01 PM, Yehuda Katz <yeh...@ymkatz.net> wrote: >> >>> I would suggest looking on the cPanel documentation and forums. When you >>> make changes in cPanel it generally overwrites the entire Apache config, so >>> you need to be careful. >>> >>> - Y >>> >>> Sent from a device with a very small keyboard and hyperactive >>> autocorrect. >>> >>> On Jan 1, 2017 4:07 PM, "Spork Schivago" <sporkschiv...@gmail.com> >>> wrote: >>> >>>> I'd like to add that I agree with Stormy. I don't think I've ever >>>> gotten spam, except for this one time. That's why I was a bit curious >>>> about it. I didn't click the post because I wasn't sure what it was. At >>>> first, I thought it was maybe a video related to Apache, but when I hovered >>>> over it, I saw something about infected mushrooms and figured it'd be best >>>> not to click. Anyway, thanks for verifying what it was for me and happy >>>> New Year's to everyone else. >>>> >>>> I do have an Apache related question that I'd like to ask. I have a >>>> domain and I rent a VPS from Linode. I have bought a cPanel license and >>>> use Let's Encrypt free SSL certificates. For reasons I'd rather not get >>>> into at this time (unless you guys really want to know why), I have created >>>> a script to generate the SSL certificates and install them. I have >>>> manually setup subdomains, cpanel.mydomain.com, whm.mydomain.com, etc. >>>> Then, when I go to something like cpanel.mydomain.com, I have a >>>> mod_rewrite rule that redirects me to www.mydomain.com:2083 >>>> >>>> If I wanted to hide the www.mydomain.com:<port number> and just have >>>> it show subdomain.mydomain.com (like cpanel.mydomain.com), would I >>>> want to look into a reverse proxy? I have to admit, i don't know anything >>>> about proxies or reverse proxies. I've seen mention of them in this list >>>> with people trying to do similar things but with stuff that wasn't related >>>> to cPanel. >>>> >>>> Thanks! >>>> >>>> On Sun, Jan 1, 2017 at 12:04 PM, Stormy <storm...@stormy.ca> wrote: >>>> >>>>> At 04:25 PM 1/1/2017 +0000, Good Guy wrote: >>>>> >>>>>> On 01/01/2017 00:51, Spork Schivago wrote: >>>>>> >>>>>>> I don't understand why I'm receiving this e-mail. Is this spam? >>>>>>> Thanks. >>>>>>> >>>>>> >>>>>> Of course it is. Some people celebrate new year by spamming people. >>>>>> They seem to enjoy this. >>>>>> >>>>> >>>>> I would add that the owners/moderators of this list do a remarkable >>>>> job of keeping spam at a near zero percentage of postings. >>>>> >>>>> Anyway, Have a very happy and prosperous 2017. >>>>>> >>>>> >>>>> And from the frozen North, my wishes for 2017 to all... >>>>> >>>>> Paul >>>>> >>>>> --------------------------------------------------------------------- >>>>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >>>>> For additional commands, e-mail: users-h...@httpd.apache.org >>>>> >>>>> >>>> >> >
