diff -Nur e-smith-manager-2.4.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass e-smith-manager-2.4.0_bz9163/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass --- e-smith-manager-2.4.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass 2007-01-27 02:51:30.000000000 +0100 +++ e-smith-manager-2.4.0_bz9163/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass 2016-01-06 16:00:49.100684723 +0100 @@ -3,22 +3,28 @@ $haveSSL = (exists ${modSSL}{status} and ${modSSL}{status} eq "enabled") ? 'yes' : 'no'; $plainTextAccess = ${'httpd-admin'}{PermitPlainTextAccess} || 'no'; + $plainPort = ${'httpd-e-smith'}{TCPPort} || '80'; + $sslPort = ${modSSL}{TCPPort} || '443'; $OUT = ''; foreach $place ('server-manager','server-common','user-password') { - if (($port eq "80") && ($haveSSL eq 'yes') && ($plainTextAccess ne 'yes')) + if (($port eq $plainPort) && ($haveSSL eq 'yes') && ($plainTextAccess ne 'yes')) { + $OUT .= ' RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1$' . "\n"; $OUT .= " RewriteRule ^/$place(/.*|\$) https://%{HTTP_HOST}/$place\$1 [L,R]\n"; - } else { - $OUT .= " ProxyPass /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n"; - $OUT .= " ProxyPassReverse /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n"; } + $OUT .= " ProxyPass /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n"; + $OUT .= " ProxyPassReverse /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n"; $OUT .= " \n"; $OUT .= " order deny,allow\n"; $OUT .= " deny from all\n"; - if (($haveSSL eq 'yes') && (($port eq "443") || ($plainTextAccess ne 'yes'))) + if ($port eq $plainPort) + { + $OUT .= ' allow from 127.0.0.1' . "\n"; + } + elsif (($haveSSL eq 'yes') && (($port eq $sslPort) || ($plainTextAccess ne 'yes'))) { $OUT .= " allow from $localAccess $externalSSLAccess\n"; } else {