Webmin and Usermin are accessed remotely through ports 10000 and 20000 respectively - as in http://www.myserver.net:20000
I work in a company that blocks port 20000 and all other non-essential outgoing port requests. Are there any alternative ways of accessing a port-bound service like this to get around secure large company sites that block direct port connections?
I guess what I'm asking is about ways to access Usermin as a straight HTTP:// connection (ie http://www.myserver.net/usermin) rather than port 20000 by making changes on my server.
Thanks in advance, bob
Am Mo, den 28.02.2005 schrieb Bob Brennan um 23:31:
Webmin and Usermin are accessed remotely through ports 10000 and 20000 respectively - as in http://www.myserver.net:20000
I work in a company that blocks port 20000 and all other non-essential outgoing port requests. Are there any alternative ways of accessing a port-bound service like this to get around secure large company sites that block direct port connections?
I guess what I'm asking is about ways to access Usermin as a straight HTTP:// connection (ie http://www.myserver.net/usermin) rather than port 20000 by making changes on my server.
bob
You can bind both services to different ports of choice.
$ grep 10010 /etc/webmin/* /etc/webmin/miniserv.conf:port=10010
You can do this by hand editing the configuration file or inside the web browser surface of the tool.
Alexander
You can bind both services to different ports of choice.
$ grep 10010 /etc/webmin/* /etc/webmin/miniserv.conf:port=10010
You can do this by hand editing the configuration file or inside the web browser surface of the tool.
Alexander
Sorry - let me re-state the problem. I want to access from a computer that is blocked from directly accessing any ports other than http:80. I can't even use a POP or SMTP connection to the outside world because ports 25 and 110 requests are blocked, so http://myserver.net:anynumber will not work. It would have to be as http://myserver.net/usermin.
The question is how can I (or "can I") route a request to an http: directory or file to the Usermin interface on localhost:20000? Or access the Usermin pages as normal html/php/whatever directories/files instead of a port interface.
Thanks in advance, bob
On Mon, 2005-02-28 at 23:01 +0000, Bob Brennan wrote:
You can bind both services to different ports of choice.
$ grep 10010 /etc/webmin/* /etc/webmin/miniserv.conf:port=10010
You can do this by hand editing the configuration file or inside the web browser surface of the tool.
Alexander
Sorry - let me re-state the problem. I want to access from a computer that is blocked from directly accessing any ports other than http:80. I can't even use a POP or SMTP connection to the outside world because ports 25 and 110 requests are blocked, so http://myserver.net:anynumber will not work. It would have to be as http://myserver.net/usermin.
The question is how can I (or "can I") route a request to an http: directory or file to the Usermin interface on localhost:20000? Or access the Usermin pages as normal html/php/whatever directories/files instead of a port interface.
---- if this machine is NOT a webserver - Alexander's answer is the best answer...add port 80 to config of usermin or another way is to use that machine or another machine (not on your company's network) to redirect port 80 requests to port 20000 of your server...iptables command can do that.
Craig
Am Di, den 01.03.2005 schrieb Bob Brennan um 0:01:
Sorry - let me re-state the problem. I want to access from a computer that is blocked from directly accessing any ports other than http:80. I can't even use a POP or SMTP connection to the outside world because ports 25 and 110 requests are blocked, so http://myserver.net:anynumber will not work. It would have to be as http://myserver.net/usermin.
The question is how can I (or "can I") route a request to an http: directory or file to the Usermin interface on localhost:20000? Or access the Usermin pages as normal html/php/whatever directories/files instead of a port interface.
bob
You can do so by configuring Apache using mod_proxy or mod_rewrite. Please see the Apache documentation. As an *untested* guideline:
a) mod_proxy
ProxyVia On ProxyPass /webmin http://localhost:10000 ProxyPassReverse /webmin http://localhost:10000
b) mod_rewrite
RewriteEngine On RewriteRule ^/webmin(.*) http://localhost:10000/$1 [P,L] RewriteRule ^proxy:.* - [F]
This is given that Apache does server other sites too on standard HTTP port 80.
Alexander
On 02/28/2005 03:20:20 PM, Alexander Dalloz wrote:
You can do so by configuring Apache using mod_proxy or mod_rewrite. Please see the Apache documentation. As an *untested* guideline:
a) mod_proxy
ProxyVia On ProxyPass /webmin http://localhost:10000 ProxyPassReverse /webmin http://localhost:10000b) mod_rewrite
RewriteEngine On RewriteRule ^/webmin(.*) http://localhost:10000/$1 [P,L] RewriteRule ^proxy:.* - [F]This is given that Apache does server other sites too on standard HTTP port 80.
If something else does run on port 80 - you can probably still do it either with a virtual domain, or with multihoming. Apache can deal with both.
On Tue, 01 Mar 2005 00:20:20 +0100, Alexander Dalloz ad+lists@uni-x.org wrote:
You can do so by configuring Apache using mod_proxy or mod_rewrite. Please see the Apache documentation. As an *untested* guideline:
a) mod_proxy
ProxyVia On ProxyPass /webmin http://localhost:10000 ProxyPassReverse /webmin http://localhost:10000b) mod_rewrite
RewriteEngine On RewriteRule ^/webmin(.*) http://localhost:10000/$1 [P,L] RewriteRule ^proxy:.* - [F]This is given that Apache does server other sites too on standard HTTP port 80.
Alexander
This seems to be the best possibility after reading the Apache documentation.
The machine in question is a web/mail host for a dozen or so sites, hence the need for Usermin so that site owners can maintain their sites remotely, but *must* be normal http access rather than port 20000 due to blocking restrictions imposed by many admins (and rightly so!) these days.
mod_proxy might also solve the next problem I was expecting to face - giving each virtual domain owner http:Vdomain.com/usermin/ access without adding the folder to each document tree.
I haven't tested this yet but will post again if research/attempts fail me.
Thanks guys!
On Tue, 1 Mar 2005, Alexander Dalloz wrote:
You can do so by configuring Apache using mod_proxy or mod_rewrite. Please see the Apache documentation. As an *untested* guideline:
a) mod_proxy
ProxyVia On ProxyPass /webmin http://localhost:10000 ProxyPassReverse /webmin http://localhost:10000b) mod_rewrite
RewriteEngine On RewriteRule ^/webmin(.*) http://localhost:10000/$1 [P,L] RewriteRule ^proxy:.* - [F]This is given that Apache does server other sites too on standard HTTP port 80.
I can't speak for mod_proxy, but using mod_rewrite won't work.
Using mod_rewrite literally tells the web browser to rewrite the requested URL and ask for it...meaning that he'd point at http://some.domain.com, and apache would tell the browser to resend the request, but this time to http://some.domain.com:10000.
Assigning a different port to webmin, or port redirection via NAT would seem to be his only options.
On Tue, 1 Mar 2005 20:49:23 -0500 (EST), Mike Burger mburger@bubbanfriends.org wrote:
On Tue, 1 Mar 2005, Alexander Dalloz wrote:
You can do so by configuring Apache using mod_proxy or mod_rewrite. Please see the Apache documentation. As an *untested* guideline:
a) mod_proxy
ProxyVia On ProxyPass /webmin http://localhost:10000 ProxyPassReverse /webmin http://localhost:10000b) mod_rewrite
RewriteEngine On RewriteRule ^/webmin(.*) http://localhost:10000/$1 [P,L] RewriteRule ^proxy:.* - [F]This is given that Apache does server other sites too on standard HTTP port 80.
I can't speak for mod_proxy, but using mod_rewrite won't work.
Using mod_rewrite literally tells the web browser to rewrite the requested URL and ask for it...meaning that he'd point at http://some.domain.com, and apache would tell the browser to resend the request, but this time to http://some.domain.com:10000.
Assigning a different port to webmin, or port redirection via NAT would seem to be his only options.
-- Mike Burger http://www.bubbanfriends.org
mod_proxy does work, entered exactly as Alexander wrote it above, but only for the initial login page, in which I can successfully log in.
But after that I get "http://myserver.net/session_login.cgi" as the url in the browser address field, and (as expected):
404 Not Found The requested URL /session_login.cgi was not found on this server
I would guess that I now need to locate where the Usermin files are and Alias the directory in httpd.conf.(?) I guess my main problem is not understanding how or why some web services use port access rather than sub-directories; and more importantly how that works...
bob
Am Mi, den 02.03.2005 schrieb Bob Brennan um 10:02:
I would guess that I now need to locate where the Usermin files are and Alias the directory in httpd.conf.(?) I guess my main problem is not understanding how or why some web services use port access rather than sub-directories; and more importantly how that works...
bob
Webmin comes with his own HTML serving daemon. It is absolutely independent from any other HTTP server. To not conflict with something like Apache it uses a different port.
Alexander
On Wed, 02 Mar 2005 19:17:24 +0100, Alexander Dalloz ad+lists@uni-x.org wrote:
Am Mi, den 02.03.2005 schrieb Bob Brennan um 10:02:
I would guess that I now need to locate where the Usermin files are and Alias the directory in httpd.conf.(?) I guess my main problem is not understanding how or why some web services use port access rather than sub-directories; and more importantly how that works...
bob
Webmin comes with his own HTML serving daemon. It is absolutely independent from any other HTTP server. To not conflict with something like Apache it uses a different port.
Alexander
Very true Alexander, and that explains a lot. Using the information you have given me I have finally tracked down the instructions for running Webmin/Usermin through Apache. For future readers of this topic here are the links: http://www.webmin.com/uapache.html http://www.webmin.com/apache.html
Thanks again for all your help, bob
-
Alexander Dalloz -
Bob Brennan -
Craig White -
Michael A. Peters -
Mike Burger