-4

Note: this is not a firewall issue

I am running a kolab server and trying to increase security by having the web-admin listen on a certain port.. I picked 8443. Here's my conf file:

Alias /kolab-webadmin /usr/share/kolab-webadmin/public_html/

<Directory "/usr/share/kolab-webadmin/public_html/">
    <IfModule mod_rewrite.c>
        RewriteEngine on
        # NOTE: This needs to point to the base uri of your installation.
        RewriteBase /kolab-webadmin/

        # Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteCond %{REQUEST_URI} !=/favicon.ico
        RewriteRule ^api/(.*)\.(.*)$ api/index.php?service=$1&method=$2 [L,QSA]

    </IfModule>

    AddDefaultCharset   UTF-8
    php_value error_reporting      6135

    DirectoryIndex index.php
    AllowOverride All

    <ifModule mod_authz_core.c>
        Require all granted
    </ifModule>
    <ifModule !mod_authz_core.c>
        Order Allow,Deny
        Allow from All
    </ifModule>

</Directory>

I am not sure exactly how to make this work... I am also on centos 6.6

EDIT:

I only want this specific address (or folder I should say) to open ONLY on port 8443...

so domain.com/webmail will work on port 80

but domain.com/kolab-webadmin works only on 8443

Gordon Snappleweed
  • 75
  • 1
  • 9

2 Answers2

1

A separate port is, from Apache's perspective, a completely separate vhost. The fact that it has the same domain is irrelevant, as far as Apache is concerned.

While a complete answer is far beyond what can be provided, the rough outline of what you need is:

  1. A separate Listen directive, for the new host/port.
  2. A separate vhost, listening on this new host/port, with the necessary configuration to serve the content you want.
  3. Modifications to any other vhost which currently hosts the content you don't want to be served on the main vhost.
  4. Firewalling configuration.
  5. Documentation, for whoever has to deal with this non-standard configuration after you've moved on.
womble
  • 95,029
  • 29
  • 173
  • 228
  • Hi, I know all of that. The answer above kind of got this all correct except for that fact that port 80 works on the webmail and kolab web admin but after I reconfigured with the answer above now kolab webadmin doesn't load on 80 or the new port. Can you try to formulate the answer? It's a really new and basic (clean) config so nothing should collide at all. – Gordon Snappleweed Sep 03 '15 at 01:14
  • If you know all of that, you should probably reformulate your *question* to ask what you actually want to ask. – womble Sep 03 '15 at 01:15
  • My question is : what I currently have- how do I have it ONLY work on port 8443. I don't know much about the rewrites and ifmodules that are all includes from kolab standard, that is where I am stuck. I can do basic vhosting but this config is a little over my head, sorry – Gordon Snappleweed Sep 03 '15 at 01:17
  • Please edit your question to accurately reflect what you are trying to achieve, and *everything* you have done so far. Not everyone reads the comments on answers to find out everything they need to know to write their own answer. – womble Sep 03 '15 at 01:19
  • Read where it says "edit"... – Gordon Snappleweed Sep 03 '15 at 01:19
  • I read that. It doesn't explain exactly everything you've done (or, if it does, you've not done what I suggested in my answer), amongst other things. Also, you should revise the main content of your question, not tack extra information at the bottom. – womble Sep 03 '15 at 01:31
  • There is no other confs. It's a newly installed Apache install. Plus the one in my question. That's it. – Gordon Snappleweed Sep 03 '15 at 01:32
  • If there is no other configuration, then you haven't done everything I suggested in my answer. It's not surprising that things aren't working. – womble Sep 03 '15 at 01:41
  • @GordonSnappleweed, you're being pretty rude to someone that's trying to help you. Not cool. Your question is not clear, the comments you're making aren't helping anything. As womble said, if you want apache to listen on an additional port and serve different content based on the port a client connects to you need to tell it to do so, and that can be done with the VirtualHost directive. – Gene Sep 03 '15 at 01:48
  • @GordonSnappleweed, no, that's not how it works here. You have to tailor your question to be specific if you want specific answers. Broad questions get broad answers. – Gene Sep 03 '15 at 01:51
  • @gene - what's not specific about my questions. I specifically want /kolab-webadmin to ONLY work on 8443... Everything else can run on port 80. How much more specific can I get...? – Gordon Snappleweed Sep 03 '15 at 01:52
  • @GordonSnappleweed, Serverfault expects you to put a reasonable effort towards working on your problems. Coming in and expecting others to do your work for you isn't very welcome. – Gene Sep 03 '15 at 01:55
  • Gene.... Come on now. Do you really think that? You don't think I tried changing the listen directive? You don't think I tried playing with the vhosts? If you read, I am not an Apache pro. I'm sure there's things you aren't great at either that you post questions to that you obviously can't work towards an answer on. If you look at my other questions you'll see most of problems are extremely complex and I have yet to get an answer on. See: http://serverfault.com/q/716465/279772 – Gordon Snappleweed Sep 03 '15 at 02:00
  • 1
    No, I don't know what you've tried because your question is unclear as to what you've tried and what you were trying to accomplish. As for any other unanswered questions you have asked, them's the breaks. You can try placing a bounty on the question to raise visibility, but there isn't a guarantee that there will always be someone with the skill sets to help you with everything you need. – Gene Sep 03 '15 at 02:11
1

You can add another entry of Listen to the the apache config on the desired port.

Listen 203.0.113.1:80
Listen 203.0.113.2:8443

Then, you can add your directory configuration on a VirtualHost.

<VirtualHost 203.0.113.1:80>
  Your webmail config goes here.
</VirtualHost>

<VirtualHost 203.0.113.2:8443>
  Your kolab-webadmin goes here.
</VirtualHost>

Hope this help.

Rafael Silva
  • 26
  • 2