maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity
3,054 Commits 6 Branches 188 Tags
b51f0821cba7819d0db11021aa5c61feca2e71c3
Commit Graph

117 Commits

Author SHA1 Message Date
Michael Kaufmann (d00p)
0e79e8d670 fix default_server parameter for listen-statement in nginx since this changed since ngninx-0.8.21; fixes #1621 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-05-09 08:08:59 +02:00
Michael Kaufmann (d00p)
28f0c3eac4 only include acme.conf to vhosts if system has ssl and LE enabled (might not exist if not) 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-04-15 15:09:11 +02:00
Michael Kaufmann (d00p)
f9d949f90c Revert "Merge pull request #318 from Churro/froxlorMerge_33ab67a" 
This reverts commit 4f2ee129fd, reversing
changes made to f284d67843.
 2016-03-03 23:38:02 +01:00
Michael Kaufmann (d00p)
f6e519d779 Revert "Merge pull request #326 from Churro/froxlorMerge_vhostTemplates" 
This reverts commit 319668d384, reversing
changes made to aa592c7369.

Conflicts:
	install/froxlor.sql
	install/updates/froxlor/0.9/update_0.9.inc.php
	lib/version.inc.php
 2016-03-03 23:31:19 +01:00
Johannes Feichtner
101e791add Vhost templates: Extended the cron scripts to check for the designated webserver and referential integrity 2016-02-27 20:19:50 +01:00
Michael Kaufmann
4f2ee129fd Merge pull request #318 from Churro/froxlorMerge_33ab67a 
Feature: vHost templates (version 2)
 2016-02-26 19:16:49 +01:00
Evi Vanoost
83fd1ab0ca class.lescript.php: OpenSSL requires integer for key size. DB returns string. Cast string to integer 
trusty.xml: All files in conf.d get automatically included causing the location to be out of place and nginx fails to start
cron_tasks.inc.http.30.nginx.php: Location directives should be included in a host, nginx doesn't have the concept of global location directives in the way apache does
 2016-02-21 18:55:02 -05:00
Johannes Feichtner
abe253bc31 Feature: Vhost templates 
Reworked the initial implementation by hpmewes (https://github.com/Froxlor/Froxlor/pull/233) with
- bugfixes all over
- added support for apache and lighttpd also
- added an update sequence (instead of only modifying froxlor.sql)
- added english language variables
- added missing parts in admin_vhostsettings.php
- added parameter replacements as available since PR 244
 2016-02-21 14:53:24 +01:00
Michael Kaufmann
d7ca3a0f1c Merge pull request #303 from Churro/froxlorMerge 
Nginx: Fix for redundantly inserted auth blocks
 2016-02-21 13:09:29 +01:00
Michael Kaufmann
5c90c3aa97 Merge pull request #315 from Churro/froxlorMerge_d02a076 
Nginx: Set default curve to secp384r1
 2016-02-21 08:09:06 +01:00
Michael Kaufmann
b5e739620d Merge pull request #310 from Churro/froxlorMerge_fe8093f 
Nginx: Avoid multiple index directives (common pitfall)
 2016-02-21 08:07:58 +01:00
Johannes Feichtner
a328a95c01 Set default curve to secp384r1 2016-02-21 01:23:18 +01:00
Johannes Feichtner
c27589e8c2 Set correct error log levels (LOG_ERR instead of LOG_ERROR) 2016-02-20 20:57:31 +01:00
Johannes Feichtner
1ace011ad2 Nginx: Avoid multiple index directives (common pitfall) 2016-02-20 20:40:38 +01:00
Johannes Feichtner
a641dfbfc8 Security-critical fix: Nginx directory protection did not prevent access to 
PHP scripts

Although the implemented direction protection posed a prompt when
accessing the http://...com/protectedir/
it was still possible to call http://...com/protectedir/script.php

This vulnerability emerges from the precedence order of "location"
statements. The RegEx matching the PHP script is triggered before the
directory protection is evaluated. As a result, the PHP script is
interpreted and path parsing stops due to the circumflex (see
http://nginx.org/en/docs/http/ngx_http_core_module.html#location).

The fix involves adding a PHP parsing snippet to every protected
block. In order to prevent PHP-related config params repeatedly, the
required section is referenced using a prefix.
 2016-02-20 19:25:49 +01:00
Johannes Feichtner
4692d7ef2a Nginx: Changed inefficient RegEx redirect to equivalent 301 2016-02-20 17:30:26 +01:00
Johannes Feichtner
3b9201fb91 Nginx: Fix for redundantly inserted auth blocks 
The problem occurs if a Vhost is assigned multiple different auth names
in Froxlor. Each block is then added repeatedly, leading to an
unparseable configuration
 2016-02-20 17:21:54 +01:00
Florian Aders
e621e02f92 Allow selecting new keysize, fixes #1594 
Prepare database and cron for HSTS, refs #1593
Added option to re-use key and CSR for Let's Encrypt

Signed-off-by: Florian Aders <eleras@froxlor.org>
 2016-02-19 17:35:44 +01:00
Daniel Reichelt
e306425428 remove now superfluous $debugHandler fields 2016-02-16 16:24:07 +01:00
Daniel Reichelt
f86a115c6a cron scripts: replace fwrite'ing to lockfile by logging 2016-02-16 16:24:06 +01:00
root
0fbbd8dae7 Fixes nginx error due to duplicate fastcgi parameters 2016-02-10 13:28:25 -05:00
Stefan Weil
ddd4c2ad3d Fix typo in comment 
Signed-off-by: Stefan Weil <sw@weilnetz.de>
 2016-01-25 17:15:17 +01:00
Michael Kaufmann (d00p)
efdb3623e1 fix return value usage in write-context 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-01-18 10:51:39 +01:00
Christian Becker
6996f6516c fix ssl setttings for rewrite vhosts on nginx, fixes #1568 
- previously the ssl settings were missing in rewrite vhosts
- this caused ssl errors for these hosts as the default certificate has been used instead of the vhost specific cert.
- this seem to only apply for nginx, not apache
 2015-11-14 14:10:23 +01:00
Michael Kaufmann (d00p)
0939d032a5 fix wrong vhost creation with nginx when customer is deactivated and no docroot for deactivated users was given, fixes #1565 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-11-12 08:42:32 +01:00
Frank Gehann
7cf321b24a Fixed composeSslSettings which used variables not available in the function scope. 2015-08-16 15:45:48 +02:00
Chris Vigelius
19d94471d9 Merge branch 'master' into vhost_config_variables, and replace IS_SSL with SCHEME 
Conflicts (resolved):
	lng/english.lng.php
	lng/german.lng.php
 2015-07-30 11:35:26 +02:00
Michael Kaufmann (d00p)
26a41a0672 check for existence of ssl-related files for ip/port vhost in order to avoid the webserver to be unable to restart when the cronjob runs; fixes #1485 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-07-28 15:41:31 +02:00
Michael Kaufmann (d00p)
222841f09b solve sub-sub-domain-problem by dynamically assigning vhost-number in vhost-filename (the deeper the lower the number thus being included earlier), fixes #1535 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-07-28 15:11:55 +02:00
Chris Vigelius
89c4b969d1 make sure we fill all context parameters in any case 2015-07-06 21:21:07 +02:00
Chris Vigelius
9dbc04678c correct path for nginx 2015-07-06 17:16:49 +02:00
Chris Vigelius
ed9e524e03 use absolute path and require_once, instead of relative include 2015-07-06 17:09:49 +02:00
Chris Vigelius
de84419035 add nginx and lighttpd support, refactor into common base class 2015-07-06 14:15:01 +02:00
Roman Schmerold (BNoiZe)
643f124e8b Fixing a bug with linebreaks, fixes #1498 
Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
 2015-02-15 19:07:01 +01:00
Roman Schmerold (BNoiZe)
67f3263a2e Don't remove custom comments, add newline after blocks 
Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
 2015-01-14 00:20:04 +01:00
Churro
4fe33a0b7a Fix for duplicate htpasswd entries (Nginx) 2014-12-02 22:29:54 +01:00
Churro
8842c02136 Fixed indentation of location-block in Nginx Vhosts 2014-12-01 22:50:07 +01:00
Churro
adbc4bc402 Basic auth realms now work for Nginx Vhosts too 2014-12-01 22:48:54 +01:00
Michael Kaufmann (d00p)
3be43c4848 outsource a few directory-functions in a class; make apache-2.4 not create 'require all granted' if there is an active directory-protection or option set for the customerroot-dir, possibly fixes #1455 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2014-12-01 08:07:28 +01:00
Michael Kaufmann (d00p)
c6ed0b63c9 fix vhost-block-merging for nginx, fixes #1450 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2014-11-19 16:29:05 +01:00
Frank Gehann
29d755433f set explicit sslprotocol to react to poodle attack stuff (nginx) 2014-10-30 14:57:04 +01:00
Roman Schmerold (BNoiZe)
1b00a816e3 Rewrite of merging special vhost settings, fixes #1430 
Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
 2014-10-12 15:34:40 +02:00
Roman Schmerold (BNoiZe)
a7450dfe37 Fixed duplicate creation of directory protection, fixes #1450 
Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
 2014-10-11 09:08:27 +02:00
Roman Schmerold (BNoiZe)
fe5eff890f Removed another evil if I overlooked 
Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
 2014-10-11 08:18:43 +02:00
Roman Schmerold
539ec529c2 Removing evil if from nginx vhosts 
Signed-off-by: Roman Schmerold <bnoize@froxlor.org>
 2014-10-11 07:58:01 +02:00
Stricted
141e728c0f fix last commits 2014-09-16 22:47:07 +02:00
Stricted
024d01b300 fix directory index for folders on nginx #2 2014-09-16 21:24:50 +02:00
Stricted
cbf47f46ea fix directory index for folders on nginx 2014-09-16 21:17:06 +02:00
Stricted
31f3639c15 fix path_info on nginx cronjob 2014-09-08 18:37:14 +02:00
Roman Schmerold (BNoiZe)
ca4dd8a75d Remove comments from special vhost settings, fixes #1422 
Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
 2014-05-18 12:38:50 +02:00