Results 1 to 6 of 6
  1. #1

    Question cpanelproxy and SSL

    Hi,

    I will install cpanelproxy to access whm and cpanel from my work, public library and university, but having to send clear text passwords is a problem for me.

    I'm sure there's some persons here that tried to install cpanelproxy with SSL configuration in apache...

    Was it working ? Any issues ?
    thanks for your help

  2. #2
    Join Date
    Nov 2004
    Location
    Australia
    Posts
    1,683
    It should be possible to enhance cpanelproxy to cope with the SSL versions of cpanel and WHM (not sure if an SSL version of WHM exists).

    However, why would you bother? Modern switch technology makes it really hard to listen in on network traffic, and unless your network is highly insecure I'd worry more about securing the endpoints (PC, server) rather than the transmission medium.

  3. #3
    because from two of the three access, i will have to pass through wifi network without encryption ...

    Have you tried to install it with ssl ? did it worked ?
    A ssl version of cpanel and whm exists... for sure it does

  4. #4
    Join Date
    Nov 2004
    Location
    Australia
    Posts
    1,683
    Ahhh ... good reason!

    I haven't tried it; you'll have to enhance cpanelproxy to add those ports. That is, you'll have to add some code to cpanelproxy.php.

    The enhancement is pretty straightforward if you are familiar with PHP. You just need to add the "host" variable and a case in a switch statement; search for "2082" in the source to find where to change it. Then set up your CNAMEs in DNS and you should be fine.

    Sorry: typo - "(not sure if an SSL version of WHM exists)" should have been "(not sure if an SSL version of webmail exists)"!

  5. #5
    thanks for the info...

    Changes in php code looks easy ...

    And for the webmail with ssl, yes it does. On port 2096 ...

    I'll install it as soon as i have the time to do it

  6. #6
    Join Date
    Nov 2004
    Location
    Australia
    Posts
    1,683
    I rethought this a little since posting the earlier message. It may not be as easy as changing the script in the way I suggested -- the script only deals with the part of the data path that lives on the server, so channelling that through the encrypted ports is useless (and you'd need to use curl too). D'oh!!

    However, if you think about it, if you have a certificate for abc.net, in theory you should be able to get https://cpanel.abc.net to work. This should encrypt the tunnel back to the server, which is what you want, and on the server it should proxy through to cpanel.

    I tried and it didn't work (it went to the default page for that IP address rather than cpanel), so perhaps thats where we should focus our attention. It'll be something missing/wrong in httpd.conf ...

    Gotta make sure we reflect this change back to the author's website too!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •