4:31 p.m.
Webmin and Usermin are accessed remotely through ports 10000 and 20000
respectively - as in http://www.myserver.net:20000
I work in a company that blocks port 20000 and all other non-essential
outgoing port requests. Are there any alternative ways of accessing a
port-bound service like this to get around secure large company sites
that block direct port connections?
I guess what I'm asking is about ways to access Usermin as a straight
HTTP:// connection (ie http://www.myserver.net/usermin) rather than
port 20000 by making changes on my server.
Thanks in advance,
bob
4:37 p.m.
Am Mo, den 28.02.2005 schrieb Bob Brennan um 23:31:
Webmin and Usermin are accessed remotely through ports 10000 and
20000
respectively - as in http://www.myserver.net:20000
I work in a company that blocks port 20000 and all other non-essential
outgoing port requests. Are there any alternative ways of accessing a
port-bound service like this to get around secure large company sites
that block direct port connections?
I guess what I'm asking is about ways to access Usermin as a straight
HTTP:// connection (ie http://www.myserver.net/usermin) rather than
port 20000 by making changes on my server.
bob
You can bind both services to different ports of choice.
$ grep 10010 /etc/webmin/*
/etc/webmin/miniserv.conf:port=10010
You can do this by hand editing the configuration file or inside the web
browser surface of the tool.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.10-1.14_FC2smp
Serendipity 23:34:58 up 7 days, 10:43, load average: 0.31, 0.35, 0.47
5:01 p.m.
You can bind both services to different ports of choice.
$ grep 10010 /etc/webmin/*
/etc/webmin/miniserv.conf:port=10010
You can do this by hand editing the configuration file or inside the web
browser surface of the tool.
Alexander
Sorry - let me re-state the problem. I want to access from a computer
that is blocked from directly accessing any ports other than http:80.
I can't even use a POP or SMTP connection to the outside world because
ports 25 and 110 requests are blocked, so
http://myserver.net:anynumber will not work. It would have to be as
http://myserver.net/usermin.
The question is how can I (or "can I") route a request to an http:
directory or file to the Usermin interface on localhost:20000? Or
access the Usermin pages as normal html/php/whatever directories/files
instead of a port interface.
Thanks in advance,
bob
5:12 p.m.
On Mon, 2005-02-28 at 23:01 +0000, Bob Brennan wrote:
> You can bind both services to different ports of choice.
>
> $ grep 10010 /etc/webmin/*
> /etc/webmin/miniserv.conf:port=10010
>
> You can do this by hand editing the configuration file or inside the web
> browser surface of the tool.
>
> Alexander
Sorry - let me re-state the problem. I want to access from a computer
that is blocked from directly accessing any ports other than http:80.
I can't even use a POP or SMTP connection to the outside world because
ports 25 and 110 requests are blocked, so
http://myserver.net:anynumber will not work. It would have to be as
http://myserver.net/usermin.
The question is how can I (or "can I") route a request to an http:
directory or file to the Usermin interface on localhost:20000? Or
access the Usermin pages as normal html/php/whatever directories/files
instead of a port interface.
----
if this machine is NOT a webserver - Alexander's answer is the best
answer...add port 80 to config of usermin or another way is to use that
machine or another machine (not on your company's network) to redirect
port 80 requests to port 20000 of your server...iptables command can do
that.
Craig
5:20 p.m.
Am Di, den 01.03.2005 schrieb Bob Brennan um 0:01:
Sorry - let me re-state the problem. I want to access from a
computer
that is blocked from directly accessing any ports other than http:80.
I can't even use a POP or SMTP connection to the outside world because
ports 25 and 110 requests are blocked, so
http://myserver.net:anynumber will not work. It would have to be as
http://myserver.net/usermin.
The question is how can I (or "can I") route a request to an http:
directory or file to the Usermin interface on localhost:20000? Or
access the Usermin pages as normal html/php/whatever directories/files
instead of a port interface.
bob
You can do so by configuring Apache using mod_proxy or mod_rewrite.
Please see the Apache documentation. As an *untested* guideline:
a) mod_proxy
ProxyVia On
ProxyPass /webmin http://localhost:10000
ProxyPassReverse /webmin http://localhost:10000
b) mod_rewrite
RewriteEngine On
RewriteRule ^/webmin(.*) http://localhost:10000/$1 [P,L]
RewriteRule ^proxy:.* - [F]
This is given that Apache does server other sites too on standard HTTP
port 80.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.10-1.14_FC2smp
Serendipity 00:11:31 up 7 days, 11:20, load average: 0.09, 0.31, 0.48
10:19 p.m.
On 02/28/2005 03:20:20 PM, Alexander Dalloz wrote:
You can do so by configuring Apache using mod_proxy or mod_rewrite.
Please see the Apache documentation. As an *untested* guideline:
a) mod_proxy
ProxyVia On
ProxyPass /webmin http://localhost:10000
ProxyPassReverse /webmin http://localhost:10000
b) mod_rewrite
RewriteEngine On
RewriteRule ^/webmin(.*) http://localhost:10000/$1 [P,L]
RewriteRule ^proxy:.* - [F]
This is given that Apache does server other sites too on standard
HTTP
port 80.
If something else does run on port 80 - you can probably still do it
either with a virtual domain, or with multihoming. Apache can deal with
both.
--
Michael A. Peters
http://mpeters.us/
4:51 a.m.
On Tue, 01 Mar 2005 00:20:20 +0100, Alexander Dalloz <ad+lists(a)uni-x.org> wrote:
You can do so by configuring Apache using mod_proxy or mod_rewrite.
Please see the Apache documentation. As an *untested* guideline:
a) mod_proxy
ProxyVia On
ProxyPass /webmin http://localhost:10000
ProxyPassReverse /webmin http://localhost:10000
b) mod_rewrite
RewriteEngine On
RewriteRule ^/webmin(.*) http://localhost:10000/$1 [P,L]
RewriteRule ^proxy:.* - [F]
This is given that Apache does server other sites too on standard HTTP
port 80.
Alexander
This seems to be the best possibility after reading the Apache documentation.
The machine in question is a web/mail host for a dozen or so sites,
hence the need for Usermin so that site owners can maintain their
sites remotely, but *must* be normal http access rather than port
20000 due to blocking restrictions imposed by many admins (and rightly
so!) these days.
mod_proxy might also solve the next problem I was expecting to face -
giving each virtual domain owner http:Vdomain.com/usermin/ access
without adding the folder to each document tree.
I haven't tested this yet but will post again if research/attempts fail me.
Thanks guys!
7:49 p.m.
On Tue, 1 Mar 2005, Alexander Dalloz wrote:
You can do so by configuring Apache using mod_proxy or mod_rewrite.
Please see the Apache documentation. As an *untested* guideline:
a) mod_proxy
ProxyVia On
ProxyPass /webmin http://localhost:10000
ProxyPassReverse /webmin http://localhost:10000
b) mod_rewrite
RewriteEngine On
RewriteRule ^/webmin(.*) http://localhost:10000/$1 [P,L]
RewriteRule ^proxy:.* - [F]
This is given that Apache does server other sites too on standard HTTP
port 80.
I can't speak for mod_proxy, but using mod_rewrite won't work.
Using mod_rewrite literally tells the web browser to rewrite the requested
URL and ask for it...meaning that he'd point at http://some.domain.com,
and apache would tell the browser to resend the request, but this time to
http://some.domain.com:10000.
Assigning a different port to webmin, or port redirection via NAT would
seem to be his only options.
--
Mike Burger
http://www.bubbanfriends.org
Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org
To be notified of updates to the web site, visit
http://www.bubbanfriends.org/mailman/listinfo/site-update, or send a
message to:
site-update-request(a)bubbanfriends.org
with a message of:
subscribe
3:02 a.m.
On Tue, 1 Mar 2005 20:49:23 -0500 (EST), Mike Burger
<mburger(a)bubbanfriends.org> wrote:
On Tue, 1 Mar 2005, Alexander Dalloz wrote:
> You can do so by configuring Apache using mod_proxy or mod_rewrite.
> Please see the Apache documentation. As an *untested* guideline:
>
> a) mod_proxy
>
> ProxyVia On
> ProxyPass /webmin http://localhost:10000
> ProxyPassReverse /webmin http://localhost:10000
>
> b) mod_rewrite
>
> RewriteEngine On
> RewriteRule ^/webmin(.*) http://localhost:10000/$1 [P,L]
> RewriteRule ^proxy:.* - [F]
>
> This is given that Apache does server other sites too on standard HTTP
> port 80.
I can't speak for mod_proxy, but using mod_rewrite won't work.
Using mod_rewrite literally tells the web browser to rewrite the requested
URL and ask for it...meaning that he'd point at http://some.domain.com,
and apache would tell the browser to resend the request, but this time to
http://some.domain.com:10000.
Assigning a different port to webmin, or port redirection via NAT would
seem to be his only options.
--
Mike Burger
http://www.bubbanfriends.org
mod_proxy does work, entered exactly as Alexander wrote it above, but
only for the initial login page, in which I can successfully log in.
But after that I get "http://myserver.net/session_login.cgi" as the
url in the browser address field, and (as expected):
404 Not Found
The requested URL /session_login.cgi was not found on this server
I would guess that I now need to locate where the Usermin files are
and Alias the directory in httpd.conf.(?) I guess my main problem is
not understanding how or why some web services use port access rather
than sub-directories; and more importantly how that works...
bob
12:17 p.m.
Am Mi, den 02.03.2005 schrieb Bob Brennan um 10:02:
I would guess that I now need to locate where the Usermin files are
and Alias the directory in httpd.conf.(?) I guess my main problem is
not understanding how or why some web services use port access rather
than sub-directories; and more importantly how that works...
bob
Webmin comes with his own HTML serving daemon. It is absolutely
independent from any other HTTP server. To not conflict with something
like Apache it uses a different port.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.10-1.14_FC2smp
Serendipity 19:15:45 up 9 days, 6:24, load average: 0.20, 0.37, 0.33
4:33 p.m.
On Wed, 02 Mar 2005 19:17:24 +0100, Alexander Dalloz <ad+lists(a)uni-x.org> wrote:
Am Mi, den 02.03.2005 schrieb Bob Brennan um 10:02:
> I would guess that I now need to locate where the Usermin files are
> and Alias the directory in httpd.conf.(?) I guess my main problem is
> not understanding how or why some web services use port access rather
> than sub-directories; and more importantly how that works...
>
> bob
Webmin comes with his own HTML serving daemon. It is absolutely
independent from any other HTTP server. To not conflict with something
like Apache it uses a different port.
Alexander
Very true Alexander, and that explains a lot. Using the information
you have given me I have finally tracked down the instructions for
running Webmin/Usermin through Apache. For future readers of this
topic here are the links:
http://www.webmin.com/uapache.html
http://www.webmin.com/apache.html
Thanks again for all your help,
bob
6994
days inactive
6996
days old
10 comments
5 participants
participants (5)
-
Alexander Dalloz -
Bob Brennan -
Craig White -
Michael A. Peters -
Mike Burger