diretcadmin global rewriterule
Specify RewriteOptions InheritDown in the parent scope (such as httpd.conf) to get your rules applied in child Virtual Hosts without modifing them.
This will only work on Virtual Hosts where the RewriteEngine directive is set to on:
RewriteRule not applying when used in the server config / VirtualHost
RewriteRule ^schedule$ index.html?=/schedule [NC]
In a server or virtualhost context (as opposed to a directory or .htaccess context) the URL-path matched by the RewriteRule pattern matches the full root-relative URL-path, starting with a slash. So the above pattern (ie. ^schedule$) will never match here and the rule does nothing. In this context, the substitution string must also represent a root-relative path (starting with a slash).
Try the following instead:
RewriteRule ^/schedule$ /index.html?=/schedule [NC,L]
(Aside: ?=/schedule is an unusual query string as it's missing a parameter name?)
Or, use a backreference to save repetition:
RewriteRule ^/schedule$ /index.html?=$0 [NC,L]
Where $0 is a backreference that contains the full match from the RewriteRule pattern, ie. /schedule in this example.
To Accept Globally in Apache
To apply this rule to all the domains under the server, follow the steps given below.
1) For accepting globally in the Apache, first of all, we need to create a global config file. The location of the file should be as given below.
/usr/local/directadmin/data/templates/custom/cust_httpd.CUSTOM.pre
Then add the following code in that file.
|?SSL_REDIRECT_HOST=www.`DOMAIN`| |*if SUB| |?SSL_REDIRECT_HOST=`SUB`.`DOMAIN`| |*endif| |*if SSL_TEMPLATE="1"| |?SSL_REDIRECT_HOST=| |*endif|
2) After that, we want to use the variable, so create a file at the following location with the same name.
/usr/local/directadmin/data/templates/custom/cust_httpd.CUSTOM.post
Now, Add the following code into the file in case of Apache.
|*if SSL_REDIRECT_HOST!=""| Redirect / https://|SSL_REDIRECT_HOST|/ |*endif|
In the case of Nginx, the code will be a little different. Here is the code for Nginx.
|*if SSL_TEMPLATE="0"| return 301 https://$host$request_uri; |*endif|
3) And if you want to enable https for all domain except one, then within the same code you can specify it. To disable it for only one domain name, go to:
Admin Level -> Custom Httpd Config -> domain.com
and in the CUSTOM token text area, add this text.
|?SSL_REDIRECT_HOST=|
This will make the variable blank and the specific domain name will be excluded from the rule.
4) Then need to rewrite the configs to use it.
cd /usr/local/directadmin/custombuild
./build rewrite_confs
Apply Customization Through Templates
Direct Admin has global templates for OpenLiteSpeed, which can be found in /usr/local/directadmin/data/templates.
# pwd
/usr/local/directadmin/data/templates
# ls -la openlitespeed_*
-rw-r--r-- 1 diradmin diradmin 99 Oct 22 18:25 openlitespeed_context_protected.conf
-rw-r--r-- 1 diradmin diradmin 978 Oct 22 18:25 openlitespeed_ips.conf
-rw-r--r-- 1 diradmin diradmin 398 Oct 22 18:25 openlitespeed_listener.conf
-rw-r--r-- 1 diradmin diradmin 1307 Oct 22 18:25 openlitespeed_redirect_vhost.conf
-rw-r--r-- 1 diradmin diradmin 3131 Oct 22 18:25 openlitespeed_vhost.confTo customize OpenLiteSpeed settings, you can copy these default templates over to /usr/local/directadmin/data/templates/custom and place any customized templates in /usr/local/directadmin/data/templates/custom/openlitespeed*. Then, when you rewrite the configuration, customized templates will be used instead of default templates, where applicable.
cd /usr/local/directadmin/custombuild
./build rewrite_confsIf you need a configuration to apply to all virtual hosts, however, we suggest using the pre/post hooks that DirectAdmin supplies for customization. Such hooks include:
CUSTOM1: Appears at the very top of the template, before setting the variables.
CUSTOM2: Appears in the scripthandler{} section.
CUSTOM3: Appears in ALL context{} sections, used for password protected directories.
CUSTOM4: Appears in the phpIniOverride{} section.
CUSTOM5: Appears in the rewrite{} section.
CUSTOM6: Appears in the vhssl{} section.
CUSTOM7: The very last entry.
Example: Rewrite Rules
Say you want to block xmlrpc and wp-trackback files for all virtual hosts. You can use a rewrite rule like the following:
RewriteRule ^/(xmlrpc|wp-trackback)\.php - [F,L,NC]To include this rewrite rule into all virtual host configurations, you can use the CUSTOM5 pre-hook, which appears in the rewrite{} section of the /usr/local/directadmin/data/templates/custom/ directory. Create a /usr/local/directadmin/data/templates/custom/cust_openlitespeed.CUSTOM.5.pre file with above rule in it, then rewrite the configuration:
cd /usr/local/directadmin/custombuild
./build rewrite_confsAfter that, the cutomized rule will be inserted to each virtual host rewrite section. For example, /usr/local/directadmin/data/users/$USER/openlitespeed.conf might now contain the following:
rewrite {
enable 1
autoLoadHtaccess 1
RewriteRule ^/(xmlrpc|wp-trackback)\.php - [F,L,NC]
}Example: Headers
Let’s say you want to enable HSTS. To do so, you will need add headers to all virtual host “/” contexts, using code like the following:
context / {
location $DOC_ROOT/
allowBrowse 1
extraHeaders <<<END_extraHeaders
Strict-Transport-Security: max-age=15552000
X-Content-Type-Options nosniff
END_extraHeaders
rewrite {
}
addDefaultCharset off
phpIniOverride {
}
}Put the following code in /usr/local/directadmin/data/templates/custom/cust_openlitespeed.CUSTOM.7.pre, and rewrite the configuration as shown in the first example. CUSTOM7 appears at the very end. So now the block of code should be inserted into the very last entries of all virtual host configurations.
DirectAdmin’s OpenLiteSpeed Templates
For reference, here is a list of the default DirectAdmin OpenLiteSpeed templates.
openlitespeed_context_protected.conf
authName |AUTH_NAME|
allowBrowse 1
realm |PROTECTED_PATH|/
accessControl {
allow *
}openlitespeed_ips.conf
|CUSTOM1|
|?DOCROOT=HOME/domains/sharedip|
|*if STATUS="server"|
|?DOCROOT=/var/www/html|
|*endif|
|?SSLPROTOCOL=30|
|CUSTOM2|
virtualHost |IP| {
|CUSTOM3|
listeners |LISTENER_80|, |LISTENER_443|
user |USER|
group |USER|
vhRoot |HOME|
allowSymbolLink 1
enableScript 1
restrained 1
setUIDMode 2
docRoot |DOCROOT|
vhDomain |IP|
adminEmails root@localhost
enableGzip 1
enableIpGeo 1
rewrite {
enable 1
autoLoadHtaccess 1
RewriteFile .htaccess
|CUSTOM4|
}
|CUSTOM5|
vhssl {
keyFile |KEY|
certFile |CERT|
certChain 1
sslProtocol |SSLPROTOCOL|
}
# include aliases
include /usr/local/lsws/conf/httpd-alias.conf
|CUSTOM6|
}openlitespeed_listener.conf
|CUSTOM1|
|?SSLPROTOCOL=30|
|CUSTOM2|
listener |LISTENER_80| {
|CUSTOM3|
address |IP|:80
secure 0
|CUSTOM4|
}
listener |LISTENER_443| {
|CUSTOM5|
address |IP|:443
secure 1
keyFile |KEY|
certFile |CERT|
certChain 1
sslProtocol |SSLPROTOCOL|
|CUSTOM6|
}openlitespeed_redirect_vhost.conf
|CUSTOM1|
|?WWW_PREFIX=www.|
|*if WWW_REDIRECT="no"|
|?WWW_PREFIX=|
|*endif|
|?VH_PORT=PORT_80|
|?VHROOT=HOME|
|?DOCROOT=HOME/domains/DOMAIN/public_html|
|?SSLPROTOCOL=30|
|CUSTOM2|
virtualHost |POINTER|-|VH_PORT| {
|CUSTOM3|
user |USER|
group |GROUP|
vhRoot |VHROOT|
setUIDMode 2
listeners |LISTENERS|
docRoot |DOCROOT|
vhDomain |POINTER|
vhAliases www.|POINTER|
rewrite {
enable 1
RewriteRule (.*)$ http://|WWW_PREFIX||DOMAIN|/$1 [R=301,L]
}
|CUSTOM4|
}
|*if HAVE_SSL="1"|
|?VH_PORT=PORT_443|
virtualHost |POINTER|-|VH_PORT| {
|CUSTOM5|
user |USER|
group |GROUP|
vhRoot |VHROOT|
setUIDMode 2
listeners |SSL_LISTENERS|
docRoot |DOCROOT|
vhDomain |POINTER|
vhAliases www.|POINTER|
rewrite {
enable 1
RewriteRule (.*)$ https://|WWW_PREFIX||DOMAIN|/$1 [R=301,L]
}
vhssl {
keyFile |KEY|
certFile |CERT|
certChain 1
sslProtocol |SSLPROTOCOL|
}
|CUSTOM6|
}
|*endif|openlitespeed_vhost.conf
CUSTOM1|
|?PUBLIC_HTML=public_html|
|?VH_PORT=PORT_80|
|*if SSL_TEMPLATE="1"|
|?PUBLIC_HTML=private_html|
|?VH_PORT=PORT_443|
|*endif|
|?DOCROOT=HOME/domains/DOMAIN/PUBLIC_HTML|
|?PUB_DOCROOT=HOME/domains/DOMAIN/public_html|
|?SDOMAIN=DOMAIN|
|?LOG_NAME=DOMAIN|
|*if SUB|
|?DOCROOT=DOCROOT/SUB|
|?SDOMAIN=SUB.DOMAIN|
|?LOG_NAME=DOMAIN.SUB|
|*endif|
|?REALDOCROOT=DOCROOT|
|?VHROOT=HOME|
|?SCRIPTHANDLER=lsphpPHP1_RELEASE|
|?SSLPROTOCOL=30|
|?OBDP1=|
|*if PHP1_RELEASE!="0"|
|?OBDP1=:/usr/local/phpPHP1_RELEASE/lib/php/|
|*endif|
|?OBDP2=|
|?OPEN_BASEDIR_PATH=HOME/:/tmp:/var/tmp:/opt/alt/phpPHP1_RELEASE/usr/share/pear/:/dev/urandom:/usr/local/lib/php/OBDP1OBDP2|
|?PHP_MAIL_LOG=|
|?CLI_PHP_MAIL_LOG=|
|*if PHP_MAIL_LOG_ENABLED="1"|
|?PHP_MAIL_LOG=-d mail.log="HOME/.php/php-mail.log"|
|?CLI_PHP_MAIL_LOG=php_admin_value mail.log HOME/.php/php-mail.log|
|*endif|
|?PHP_EMAIL=USER@DOMAIN|
virtualHost |SDOMAIN|-|VH_PORT| {
|CUSTOM|
user |USER|
group |GROUP|
vhRoot |VHROOT|
allowSymbolLink 1
enableScript 1
restrained 1
setUIDMode 2
# listeners listener1, listener2, listener3
listeners |LISTENERS|
#VirtualHost config settings
docRoot |DOCROOT|
vhDomain |SDOMAIN|
vhAliases www.|SDOMAIN||SERVER_ALIASES|
adminEmails |ADMIN|
enableGzip 1
enableIpGeo 1
errorlog |APACHELOGDIR|/|LOG_NAME|.error.log {
useServer 0
logLevel NOTICE
rollingSize 0
}
accesslog |APACHELOGDIR|/|LOG_NAME|.log {
useServer 0
logFormat %a %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"
logHeaders 5
rollingSize 0
}
accesslog |APACHELOGDIR|/|LOG_NAME|.bytes {
useServer 0
logFormat %O %I
rollingSize 0
}
scripthandler {
|CUSTOM2|
add lsapi:|SCRIPTHANDLER| inc
add lsapi:|SCRIPTHANDLER| php
add lsapi:|SCRIPTHANDLER| phtml
add lsapi:|SCRIPTHANDLER| php|PHP1_RELEASE|
}
phpIniOverride {
|CUSTOM4|
php_admin_flag engine |PHP|
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f |PHP_EMAIL|"
|*if OPEN_BASEDIR_ENABLED="ON"|
php_admin_value open_basedir "|OPEN_BASEDIR_PATH|"
|*endif|
|CLI_PHP_MAIL_LOG|
|*if HAVE_SAFE_MODE="1"|
php_admin_flag safe_mode |SAFE_MODE|
|*endif|
}
rewrite {
enable 1
autoLoadHtaccess 1
|FORCE_SSL_REDIRECT|
|OPENLITESPEED_REDIRECTS|
|CUSTOM5|
}
|CONTEXTS|
|REALMS|
|*if SSL_TEMPLATE="1"|
vhssl {
|CUSTOM6|
keyFile |KEY|
certFile |CERT|
certChain 1
sslProtocol |SSLPROTOCOL|
}
|*endif|
# include aliases
include /usr/local/lsws/conf/httpd-alias.conf
|CUSTOM7|
Comments
Post a Comment