Adding new user rewriting /etc/httpd/conf/ips.conf

[jeefymirhdflc]

Hello

In our company we encourage a problem when customer add new user in DA panel , its rewriting file /etc/httpd/conf/ips.conf to content :


DirectAdmin v.1.658

# Auto generated apache config file by DirectAdmin version 1.658
# Modifying this file is not recommended as any changes you make will be
# overwritten when you add/remove ip's through DirectAdmin.

LogFormat "%O \"%r\"" homedir

And after reload/restart apache main domain of server fail to work with ssl , normaly /etc/httpd/conf/ips.conf shoud have content

LogFormat "%O \"%r\"" homedir

<VirtualHost xxx:80>
    ServerName shared.domain
    UserDir disabled
    DocumentRoot /home/admin/domains/sharedip

    SuexecUserGroup admin admin

    CustomLog /var/log/httpd/homedir.log homedir
    CustomLog /var/log/httpd/access_log combined
</VirtualHost>

<VirtualHost xxx:443>
    SSLEngine on
    SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
    SSLCACertificateFile /etc/httpd/conf/ssl.crt/server.ca

    ServerName shared.domain
    UserDir disabled
    DocumentRoot /home/admin/domains/sharedip


 


    SuexecUserGroup admin admin

    CustomLog /var/log/httpd/homedir.log homedir
    CustomLog /var/log/httpd/access_log combined
</VirtualHost>

Why does directadmin do this and how to correct it so that the file is not corrupted.

 

[zEitEr]

Hello,

First of all, the DirectAdmin version 1.658 is outdated already. Are you probably running an old OS, which reached its EOL?

The current version uses /etc/httpd/conf/extra/httpd-vhosts.conf for SSL instructions of a hostname (i.e. server name).

The file /etc/httpd/conf/ips.conf is used for shared IP only. A shared IP should be listed in the file /usr/local/directadmin/data/admin/ip.list and directory /usr/local/directadmin/data/admin/ips/xxx.xxx.xxx.xxx with a status shared.

 

[ericosman]

Do you have an official Directadmin license?

 

[jeefymirhdflc]

Thanks for replay , server is licensed , Almalinux8 .
Ok , change in /usr/local/directadmin/data/admin/ips/IP
status=shared to status=server this solve the problem when adding new account .

Is this safe ? or shoud i do more , in this case server have single ip and it have status server.

Or is the other way to stop Directadmin from rewriting /etc/httpd/conf/ips.conf ? Chattr is not possible in our situation .

 

[Richard G]

in this case server have single ip and it have status server.

I've got it like this on all my servers. Which is normal, because it is shared hosting, and resellers and customers use that same ip. So it should be safe.

In fact, I don't really understand what the "shared" is exactly doing/meaning since status server is shared amongst all users.

I read this in the docs:

3. NOTE: If you wish to assign a User to a shared IP, ensure the IP is set to "shared" before assigning it to a User.

and a bit higher:

Only shared or server IPs can have multiple Users assigned to them.

So what is the difference then @zEitEr? There will be some difference but since I'm also not native English, I don't really understand the difference.

 

[jeefymirhdflc]

I made a mistake, it should be the other way around


Thanks for replay , server is licensed , Almalinux8 .
Ok , change in /usr/local/directadmin/data/admin/ips/IP
From status=server to status=shared this solve the problem when adding new account .

Is this safe ? or shoud i do more , in this case server have single ip and it have status server.

Or is the other way to stop Directadmin from rewriting /etc/httpd/conf/ips.conf ? Chattr is not possible in our situation .

 

[zEitEr]

So what is the difference then @zEitEr? There will be some difference but since I'm also not native English, I don't really understand the difference.

If a server has a single IP, then it should always have status=server
If the server has more than one IP, then additional IPs can have either free, or shared or dedicated (owned) status. The main IP with status=server can be used by all resellers and users if it is not forbidden by settings. Shared IPs can be used by users of a specific reseller only, who has the IP under a control. Dedicated or owned IPs can be used by a single user only.

 

[Richard G]

Shared IPs can be used by users of a specific reseller only, who has the IP under a control.

Aha, that was not clear enough to me from the docs. Thank you very much.

So most likely then in the aboven case something was setup in a specific way so he needed to change it to "shared" which is normally not necessary.
Thanks!