Solved Enable xmlrpc.php for one site only

[twv]

I am using the technique here ( https://help.poralix.com/articles/how-to-block-access-to-xmlrpc-php-serverwide-on-directadmin ) to disable xmlrpc.php, but I would like to enable it for one site only. How do I do that?

The technique is to add

<Location ~ "/xmlrpc.php">
    Order allow,deny
    Deny from all
    ErrorDocument 403 "Sorry, you are not allowed to view this page!"
</Location>

to four files in /usr/local/directadmin/data/templates/custom/ : virtual_host2.conf.CUSTOM.4.post, virtual_host2_secure.conf.CUSTOM.4.post, virtual_host2_secure_sub.conf.CUSTOM.4.post, virtual_host2_sub.conf.CUSTOM.4.post

 

[Ohm J]

Add some condition checking

|*if CUST_ALLOW_XMLRPC!="1"|
<Location ~ "/xmlrpc.php">
    Order allow,deny
    Deny from all
    ErrorDocument 403 "Sorry, you are not allowed to view this page!"
</Location>
|*endif|

and go set variable via webpanel ( :2222 ) Custom HTTPD configuration, select target domain and add this to "custom1" before "custom4".

|?CUST_ALLOW_XMLRPC=1|

 

[twv]

Thank you very much for your help. It works. The only thing I was a little confused about was that I needed to put "|?CUST_ALLOW_XMLRPC=1|" in the "httpd.conf customization for domain.tld" field and not, as I tried at first, in the Additional CUSTOM tokens -> CUSTOM1 field below it.

 

[Ohm J]

any place will work as design, just put before CUSTOM4.

 

[twv]

It didn’t work in the CUSTOM1 field below.

 

[Ohm J]

hehe, I didn't know that. I just remember basic thing and combined with my programming knowledge, good to hear that.