Config changes

hennaboy

Verified User
Joined
Jan 9, 2020
Messages
14
Okay so just joined DirectAdmin and finding it interesting the approach to OLS config and the splitting of the configuration, therefore, disabling the web admin supplied by OLS.

Was this work by DA themselves and or how OLS wished to supply the software?

I have concerns about this in that default SSL is set to sslProtocols 30 which should be 24. 30 includes TLS1.0 and 1.1

SSL config apparently cannot be changed as it will be overwritten by directadmin. SSL security settings were not included. Even though a dhparam is created when DirectAdmin is installed its not used. So, the question is. If SSL config is overwritten by directadmin where is the config to do this? Really defeats the point of having a set of config files to adjust if you have to adjust everytime there is an update.
 
Was this work by DA themselves and or how OLS wished to supply the software?

This is how DirectAdmin configures Apache, Nginx, LiteSpeed as well. In split configuration files, to load virtualhosts (have separate configs for them) and to be able to customize any of the files easily. OpenLiteSpeed does not include support of "includes" in their web UI yet. If they get enough of feature requests to have UI read-write on DA servers, I'm sure they'd do it :)

I have concerns about this in that default SSL is set to sslProtocols 30 which should be 24. 30 includes TLS1.0 and 1.1

SSL config apparently cannot be changed as it will be overwritten by directadmin. SSL security settings were not included. Even though a dhparam is created when DirectAdmin is installed its not used. So, the question is. If SSL config is overwritten by directadmin where is the config to do this? Really defeats the point of having a set of config files to adjust if you have to adjust everytime there is an update.

You may just try creating /usr/local/directadmin/data/templates/custom/openlitespeed_vhost.conf.CUSTOM.6.pre with:
Code:
|?SSLPROTOCOL=24|

Then just execute:
Code:
/usr/local/directadmin/custombuild/build rewrite_confs
 
So config is done with ? before each value and is that one parameter per line

For example

?SSHPROTOCOL=24
?CIPHERS=
?ENABLEECDHE=

and so on
 
No, it's just setting a variable in configs, which is used then. See /usr/local/directadmin/data/templates/openlitespeed_vhost.conf:
Code:
sslProtocol             |SSLPROTOCOL|
 
How do I configure other settings such as httpdWorkers the only place I can find this set is in /usr/local/lsws/conf/httpd-defaults.conf but rebuilding resets it to 2
 
Just use documented way for customizations. Customized files should be placed in /usr/local/directadmin/custombuild/custom/openlitespeed/conf
 
Just use documented way for customizations. Customized files should be placed in /usr/local/directadmin/custombuild/custom/openlitespeed/conf

So for example, I can create /usr/local/directadmin/custombuild/custom/openlitespeed/conf/httpd-phplimits.conf with these contents:

maxConns 100
env PHP_LSAPI_CHILDREN=100

and this will work?
 
It’d always place it in /usr/local/lsws/conf/httpd-phplimits.conf on config rewrite time then :)
 
It’d always place it in /usr/local/lsws/conf/httpd-phplimits.conf on config rewrite time then :)

I'll just modify that file directly then. I was receiving an error about children being less than max connections but modifying this file fixed it.

Last errors I'm seeing:

2020-01-10 14:01:13.899100 [WARN] Path for document root is not accessible: /home/admin/domains/sharedip/
2020-01-10 14:01:13.899147 [WARN] [config:server:vhosts:vhost:1.1.1.1] configuration failed!


and

2020-01-10 14:01:13.903691 [ERROR] [config:server:vhosts:vhost:domain1.com-80:context:/cgi-bin/] path is not accessible: /home/admin/domains/domain1.com/public_html/cgi-bin/
2020-01-10 14:01:13.905638 [ERROR] [config:server:vhosts:vhost:domain1.com-443:context:/cgi-bin/] path is not accessible: /home/admin/domains/domain1.com/public_html/cgi-bin/


should I create /cgi-bin/ for the domains affected or modify some config file?
 
and

2020-01-10 14:01:13.903691 [ERROR] [config:server:vhosts:vhost:domain1.com-80:context:/cgi-bin/] path is not accessible: /home/admin/domains/domain1.com/public_html/cgi-bin/
2020-01-10 14:01:13.905638 [ERROR] [config:server:vhosts:vhost:domain1.com-443:context:/cgi-bin/] path is not accessible: /home/admin/domains/domain1.com/public_html/cgi-bin/


should I create /cgi-bin/ for the domains affected or modify some config file?

Fixed this by removing all instances of

context /cgi-bin/ {
allowBrowse 1
location /home/admin/domains/domain1.com/public_html/cgi-bin/
type cgi
}


for all domains from /usr/local/directadmin/data/users/admin/openlitespeed.conf
If this shouldn't be done, let me know.
Only issue remains now is the first one above.
 
This is how DirectAdmin configures Apache, Nginx, LiteSpeed as well. In split configuration files, to load virtualhosts (have separate configs for them) and to be able to customize any of the files easily. OpenLiteSpeed does not include support of "includes" in their web UI yet. If they get enough of feature requests to have UI read-write on DA servers, I'm sure they'd do it :)



You may just try creating /usr/local/directadmin/data/templates/custom/openlitespeed_vhost.conf.CUSTOM.6.pre with:
Code:
|?SSLPROTOCOL=24|

Then just execute:
Code:
/usr/local/directadmin/custombuild/build rewrite_confs

Does this matter if I have this setting with CloudFlare?

1.png
 
Back
Top