Control Web Panel
WebPanel => SSL => Topic started by: Domains on April 14, 2023, 04:06:54 PM
-
Hi
I need to change default 443 SSL port to another port number. Can you help me how can I do this?
(In my fuckin country, dear stupid government has closed the SSL port and when I try my sites with HTTPS, they're not working. only HTTP work. So I need to change port number and maybe this fix the issue with ssl sites)
-
Are you meaning for the CWP admin (2031/2087) or user panel (2083), or just any website running on the standard HTTPS SSL port (443)?
-
Are you meaning for the CWP admin (2031/2087) or user panel (2083), or just any website running on the standard HTTPS SSL port (443)?
Hi, Thanks for reply
I mean for all websites running on the standard HTTPS SSL port (443). Is it possible?
-
Easiest would be an iptables redirect, so you don't have to re-configure all services/vhosts. And your new port would need to be opened in the CSF firewall (/etc/csf/csf.conf). Start by enabling port forwarding:
echo "1" > /proc/sys/net/ipv4/ip_forward
Then you have to add the following rules to your iptables NAT table:
iptables -t nat -A PREROUTING -s 127.0.0.1 -p tcp --dport 443 -j REDIRECT --to 8443`
iptables -t nat -A OUTPUT -s 127.0.0.1 -p tcp --dport 443 -j REDIRECT --to 8443`
-
Easiest would be an iptables redirect, so you don't have to re-configure all services/vhosts. And your new port would need to be opened in the CSF firewall (/etc/csf/csf.conf). Start by enabling port forwarding:
echo "1" > /proc/sys/net/ipv4/ip_forward
Then you have to add the following rules to your iptables NAT table:
iptables -t nat -A PREROUTING -s 127.0.0.1 -p tcp --dport 443 -j REDIRECT --to 8443`
iptables -t nat -A OUTPUT -s 127.0.0.1 -p tcp --dport 443 -j REDIRECT --to 8443`
Thank you for your guide.
I applied the commands but still the site doesn't work via https in my country. (When I check with vpn through another country, the sites go through https without any problem. here is an example site: https://hipsychology.com)
Maybe I didn't do the port forwarding correctly? Is there a way to check https websites is running through which port now?
Even when I tried to redirect "Https" to "Http" via .htaccess file It's not working.
Maybe we need to do that before forwarding level? or maybe they use another method to block https websites?
-
more helps please?
-
Hi,
If you use CSF then you can do it using CSF (ip tables). However you will be forced to specify the port number in your URLs like:
https://domain.com:4443/
to access the sites over HTTPS.
If it is ok for you then just put the following line into the file:
/etc/csf/csf.redirect
*|4443|*|443|tcp
then restart CSF:
csf -r