CentOS Linux Server Guide

iRedMail  Customization -

Assign different IPs and Ports for iRedMail Admin Services

 

For security concern, I customized the default IRedMail web service into 2 different parts:- External Web Services and Internal Web Services. For external web services we only allow webmail - roubecubemail. This is to ensure that iredadmin, phpmysql and phpldapadmin and awstats services do not open for public and only serve within my local environment.

 

Note:

  • For IP 192.168.1.5 , it will do a  port mapping to my external IP via my external firewall.

  • You need 2 NIC or sub interface before you proceed with following setting.

For External Web Services

 Web Services  roundcubemail
 Protocols Used  80 and 443 only
 IP Address  192.168.1.5

For Internal Web 192.168.1.6

 Web Services  iredadmin, phpmysql, phpldapadmin, awstats
 Protocols Used  8081, 8082, 80, 443
 IP Address  192.168.1.6

Procedure

Step 1: Edit http.conf file

First, we need to backup the original httpd.conf file. Then edit the httpd.conf file with our VI.

cp -var /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.backup.21June2010

vim /etc/httpd/conf/httpd.conf
 

 

Step 2: Modify Apache Server to use IP-Based Virtual Hosting

Next, go to the line "Listen 80". Comment it with # sign the add the following lines. This is to modify our  Apache web services to use IP-Based Virtual Hosting. The reason of using IP-Based Virtual Hosting is that we want all the internal and external web services to use SSL.

 
#Listen 80
Listen 192.168.1.5:80
Listen 192.168.1.6:8080
Listen 192.168.1.6:8081
 

 

Step3: Grouping and specify port services for VirtualHost

I found a clean and easy way to manage all VirtualHosy. First create new file to control virtual host- sqroot.conf

 
vim /etc/httpd/conf.d/sqroot.conf

 

Next, All in all the following lines. The following example, we specify port for 192.168.1.5 is 80 & 443. This is to ensure thar Roundcubemail webmail will be using port 80 and SSL(443).  Make sure you save it.

<VirtualHost 192.168.1.5:80>
DocumentRoot /var/www/roundcubemail-0.3.1/
ServerName webmail.1a-centosserver.com
</VirtualHost>

<VirtualHost 192.168.1.5:443>
DocumentRoot /var/www/roundcubemail-0.3.1/
ServerName webmail.1a-centosserver.com
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/iRedMail_CA.pem
SSLCertificateKeyFile /etc/pki/tls/private/iRedMail.key
</VirtualHost>

<VirtualHost 192.168.1.6:8081>
DocumentRoot /var/www/phpMyAdmin-2.11.10-all-languages
ServerName phpmyadmin.1a-centosserver.com
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/iRedMail_CA.pem
SSLCertificateKeyFile /etc/pki/tls/private/iRedMail.key
</VirtualHost>

<VirtualHost 192.168.1.6:8082>
DocumentRoot /var/www/phpldapadmin/
ServerName phpldapadmin1a-centosserver.com
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/iRedMail_CA.pem
SSLCertificateKeyFile /etc/pki/tls/private/iRedMail.key
</VirtualHost>

 

 

You might might curios about iRedAdmin and Awstats is not there. The actual reason is the I cannot redirect both awstats and iReAdmin to any ports. So I leave 2 services to access as the following:-

 

https://192.168.1.6/iredamin/

https://192.168.1.6/awstats/awstats.pl

 

Step4: Restart the Apache services

Yes, we are done with the setting, restart the Apache Web Sever now

 
service httpd restart

 

 

Step5: Verify web services

Let us perform a quick verification on the setting. Access all your web services as listed below:-

 
Web services URL
iredadmin  https://192.168.1.6/iredamin/
awstats  https://192.168.1.6/awstats/awstats.pl
phpldapadmin https://192.168.1.6:8082

phpmyadmin

https://192.168.1.6:8081
roundcubemail http://192.168.1.5
roundcubemail -SSL http://192.168.1.5

 

Back to CentOS Linux Mail Server Guide


Copyright 2011 http://www.1a-centosserver.com All Rights Reserved

All trademarks are the property of their respective owners.

Contact Us | Terms of Use | Privacy Policy