How can I secure access to my ISPconfig panel using an .htaccess file?

Procédure

Why should I secure my ISPconfig panel?

For added security, it may be useful to set up a user/password combination to restrict access to your ISPconfig panel.

This restriction can be extended to an IP address restriction, allowing you to give access only to a certain number of machines.

Creating the .htaccess file

To do this, you need to connect to your VPS server using SSH. If you don't know how to do this, please refer to this section of our knowledge base:

https://help.lws-hosting.com/en/dedicated-servers/ssh

Once connected, use the following command to create the :

nano /usr/local/ispconfig/interface/web/.htaccess

This file should contain the following:

AuthUserFile /usr/local/ispconfig/interface/.htpasswd AuthType Basic AuthName "ISPconfig auth." Require valid-user

Next, create the file /usr/local/ispconfig/interface/.htpasswd , which will contain your user and password (in this case we are creating the user lws):

htpasswd -c /usr/local/ispconfig/interface/.htpasswd lws

If you want to restrict access to certain IP addresses (in this case 192.168.1.193 and 192.168.1.194):

AuthUserFile /usr/local/ispconfig/interface/.htpasswd AuthType Basic AuthName "ISPconfig auth." Require valid-user Order Deny,Allow Deny from all Allow from 192.168.1.193 Allow from 192.168.1.194

Allow execution of the .htaccess file

Still using SSH, edit the following configuration file:

nano /etc/apache2-ispconfig/sites-available/ispconfig.vhost


or for older servers :

nano /etc/apache2/sites-available/ispconfig.vhost


Then replace the section :

# php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp" Options +FollowSymLinksAllowOverride NoneOrder allow,deny Allow from all php_value magic_quotes_gpc 0


per :

# php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp" Options +FollowSymLinksAllowOverride AllOrder allow,deny Allow from all php_value magic_quotes_gpc 0

Finally, restart the Apache web service:

/etc/init.d/apache2-ispconfig restart


or for older servers :

/etc/init.d/apache2 restart