Webui Security

Recommended Posts

Modern Plesk servers already run nginx in front of Apache and I just investigated how I could add this to the existing setup without breaking their management shell. I didn't even have to stop any services.


They have everything well organized in separate config folders that are included and the only thing I had to do was add a file in /etc/nginx/conf.d/

I didn't even have to write the config file from scratch.


First I modified /etc/btsync.conf so it will listen to and not on all interfaces anymore.

sed -i 's/' /etc/btsync.confkillall -HUP btsyncnetstat -lntp | grep btsync

You should see btsync only on on port 57889


Don't forget to modify your firewall and stop it from opening port 57889


I copied the file /etc/plesk.conf.d/webmail.conf to /etc/nginx/conf.d/bittorrentsync.conf

cp -p /etc/nginx/plesk.conf.d/webmail.conf /etc/nginx/conf.d/bittorrentsync.confsed -i 's/proxy_pass.*/proxy_pass;/g' /etc/nginx/conf.d/bittorrentsync.conf

Then modify the file /etc/nginx/conf.d/bittorrentsync.conf by removing the complete section where it is listening on port 80 with http.


Change the name to the FQDN you would like to use and maybe you also have a proper certificate.

Then give:

killall -HUP nginx

That's it


For those that don't have Plesk but still would like to see the result.

This is the file to add:



# cat /etc/nginx/conf.d/bittorrentsync.conf
server {    listen ssl;    server_name my_fqdn.nl;     ssl_certificate             /root/.ssh/mycert.nl.pem;    ssl_certificate_key         /root/.ssh/mycert.nl-key.pem;    ssl_session_timeout         5m;     ssl_protocols               SSLv2 SSLv3 TLSv1;    ssl_ciphers                 HIGH:!aNULL:!MD5;    ssl_prefer_server_ciphers   on;     client_max_body_size 128m;     location / {        proxy_pass;        proxy_set_header Host $host;        proxy_set_header X-Real-IP $remote_addr;        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;    }}
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.